www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xgcartoon.com/
Submission: On December 02 via api (December 2nd 2023, 11:19:08 pm UTC) from US — Scanned from DE

Summary HTTP 368 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 43 IPs in 10 countries across 45 domains to perform 368 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 24th 2023. Valid for: a year.

This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	169.150.222.217 169.150.222.217	60068 (CDN77 ^_^) (CDN77 ^_^)
13	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	104.20.218.77 104.20.218.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
51	2606:4700:20:... 2606:4700:20::681a:2f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 31	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2 56	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
56	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
52	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
3 19	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	54.76.156.92 54.76.156.92	16509 (AMAZON-02) (AMAZON-02)
2	185.86.138.152 185.86.138.152	201081 (SMARTADSE...) (SMARTADSERVER)
2 4	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211a:4800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
2 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	3.121.34.204 3.121.34.204	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 4	23.56.205.163 23.56.205.163	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6810:c0cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 6	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
6 6	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
3	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
2	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	3.11.198.160 3.11.198.160	16509 (AMAZON-02) (AMAZON-02)
1	18.66.27.17 18.66.27.17	16509 (AMAZON-02) (AMAZON-02)
1	13.224.132.52 13.224.132.52	16509 (AMAZON-02) (AMAZON-02)
2	3.10.29.13 3.10.29.13	16509 (AMAZON-02) (AMAZON-02)
368	43

6 169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com

www.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2606:4700:20::681a:2f3 (United States)

ASN13335 (CLOUDFLARENET, US)

static-a.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.156.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-156-92.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.164.11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:4800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.5.133 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.228.174.117 (United Kingdom) 5 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.34.204 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-34-204.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.56.205.163 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:c0cb (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.166 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 84.200.5.215 (Germany) 6 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.198.160 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-198-160.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.27.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-27-17.vie50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.132.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-132-52.lhr3.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.10.29.13 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-29-13.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
112	googlesyndication.com 2 redirects 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	2 MB
68	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	398 KB
57	xgcartoon.com www.xgcartoon.com static-a.xgcartoon.com	3 MB
52	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 25796 ad4m.at — Cisco Umbrella Rank: 11359 assets.ad4m.at — Cisco Umbrella Rank: 35458	498 KB
13	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	828 KB
13	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	260 KB
12	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	290 KB
11	google.com www.google.com — Cisco Umbrella Rank: 2	4 KB
5	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563 static-de.ad4mat.net — Cisco Umbrella Rank: 192580	1 KB
4	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 13930	3 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	2 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 24395 api.webgains.io — Cisco Umbrella Rank: 59842	19 KB
3	o2online.de partner.o2online.de — Cisco Umbrella Rank: 104746	4 KB
3	lead-alliance.net 3 redirects www.lead-alliance.net — Cisco Umbrella Rank: 89094	1 KB
3	telefonica-partner.de 3 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 88416	700 B
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 546	2 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 560	2 KB
2	media01.eu pb.media01.eu — Cisco Umbrella Rank: 46149	830 B
2	medialead.de 2 redirects pv.medialead.de — Cisco Umbrella Rank: 47317	2 KB
2	conrad.de www.conrad.de — Cisco Umbrella Rank: 83743	804 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	2 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 478	2 KB
2	ctnsnet.com 2 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 6100	1 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	451 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 695	339 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	297 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 742	150 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264	3 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 49821	2 KB
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 793	166 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674	237 B
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 1765	199 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	384 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	711 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	538 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	104 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	464 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	256 B
1	statcounter.com c.statcounter.com — Cisco Umbrella Rank: 10182	467 B
368	45

	Domain	Requested by
56	pagead2.googlesyndication.com	2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com pagead2.googlesyndication.com www.xgcartoon.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
51	static-a.xgcartoon.com	www.xgcartoon.com
46	tpc.googlesyndication.com	2 redirects 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
31	securepubads.g.doubleclick.net	2 redirects cdn.ampproject.org 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com www.googletagservices.com
20	assets.ad4m.at	as.ad4m.at
19	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
16	ad4m.at	as.ad4m.at ad4m.at
16	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
13	www.googletagservices.com	2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com googleads.g.doubleclick.net
13	cdn.ampproject.org	www.xgcartoon.com cdn.ampproject.org
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
10	2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com	cdn.ampproject.org
6	ad.doubleclick.net	6 redirects
6	www.xgcartoon.com	www.xgcartoon.com cdn.ampproject.org
4	www.awin1.com	2 redirects as.ad4m.at
4	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
4	www.googleadservices.com
4	encrypted-tbn2.gstatic.com	2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
3	partner.o2online.de	as.ad4m.at
3	www.lead-alliance.net	3 redirects
3	www.telefonica-partner.de	3 redirects
3	sync.1rx.io	3 redirects
3	c1.adform.net	3 redirects
2	api.webgains.io	analytics.webgains.io
2	pb.media01.eu	as.ad4m.at
2	pv.medialead.de	2 redirects
2	www.conrad.de	as.ad4m.at
2	pm.w55c.net	2 redirects
2	secure.adnxs.com	2 redirects
2	ius.ctnsnet.com	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	rtb.openx.net	googleads.g.doubleclick.net
2	match.adsrvr.org	googleads.g.doubleclick.net
2	r.turn.com
2	ad.turn.com	2 redirects
2	ssbsync.smartadserver.com	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	encrypted-tbn1.gstatic.com	2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
2	encrypted-tbn3.gstatic.com	2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
2	www.gstatic.com	2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
2	fonts.googleapis.com	2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	static-de.ad4mat.net	as.ad4m.at
1	s.ad.smaato.net	googleads.g.doubleclick.net
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	match.360yield.com	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	cdn.ampproject.org
1	c.statcounter.com	www.xgcartoon.com
368	61

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com

Subject Issuer	Validity	Valid
*.xgcartoon.com AlphaSSL CA - SHA256 - G4	`2023-09-24` - `2024-10-25`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
xgcartoon.com GTS CA 1P5	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
ad4mat.net GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 52 frames:

Primary Page: https://www.xgcartoon.com/
Frame ID: BB169210169E101E5A0A41238A144900
Requests: 87 HTTP requests in this frame

Frame: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 388485D81D7F2CCEBAC4CFECD3D35F54
Requests: 13 HTTP requests in this frame

Frame: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 6B2BFDB69DFAD90212397F4198BF6376
Requests: 11 HTTP requests in this frame

Frame: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 4F21A880DFAF47AD376AD94B1644E226
Requests: 12 HTTP requests in this frame

Frame: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 6279CE93BFA81AF4BB6447A05720CC5A
Requests: 16 HTTP requests in this frame

Frame: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: A906341DEF4249D691EB0A03BED41D06
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: BDCD386E926E9A069D41CA3EBF6792C4
Requests: 1 HTTP requests in this frame

Frame: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 38D9239EF5ED359663C904FEEE8BA41D
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142860&bpp=124&bdt=158&idt=317&shv=r20231129&mjsv=m202311290101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3008546054&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42532604%2C31078301%2C31079889%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072%2C31079890&oid=2&pvsid=1611315753300357&tmod=1858562904&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fq87ks6ebzlh&fsb=1&dtd=323
Frame ID: 12E49B01B66DF8EE8BEF234A9111CBA0
Requests: 1 HTTP requests in this frame

Frame: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: F4C386C0B7C6F3FE8B3E4A9D26682445
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142880&bpp=127&bdt=128&idt=323&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=3392804194511494&tmod=396155073&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.grqz887m1ms0&fsb=1&dtd=329
Frame ID: 5752C8C2BF18F439C5EC2362A6BDB4AB
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=38340408&adf=3173046730&pi=t.ma~as.3654094576&w=970&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142910&bpp=176&bdt=190&idt=318&shv=r20231129&mjsv=m202311290101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=0&ifk=1968852388&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079714%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808149%2C44808285%2C44809072&oid=2&pvsid=69011117150141&tmod=2117529104&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.5v9zu1yyyx6q&fsb=1&dtd=323
Frame ID: 0B21F32E8D80FBBA715918F8DD392BF4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142907&bpp=162&bdt=191&idt=338&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44798934%2C31078297%2C31079890%2C44807751%2C44806139%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=3717604420102411&tmod=1335754690&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.n5zm4apcpr46&fsb=1&dtd=344
Frame ID: FB01EDB2CB8B16C389043433C3473521
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: B9C95F5E6E76DE3B2A3FB181EE863931
Requests: 1 HTTP requests in this frame

Frame: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 869ACDE627867558D1559834E940A757
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: ECB977896F0A0154A45F017F3FA75957
Requests: 1 HTTP requests in this frame

Frame: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: F0C47491F0A51B74659212EE0A5A76DE
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046726&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143345&bpp=125&bdt=103&idt=240&shv=r20231129&mjsv=m202311290101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079714%2C42532524%2C44798934%2C31078301%2C31079861%2C44807764%2C44808149%2C44808284%2C44809071%2C31079889&oid=2&pvsid=3711935980509958&tmod=2237344&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bvgqzfh2vvp0&fsb=1&dtd=245
Frame ID: EB9074E6288C51D29D7A4065ED03C955
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046725&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143397&bpp=97&bdt=58&idt=201&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079826%2C31078297%2C31079890%2C44807751%2C44806140%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=3811779048352786&tmod=755990261&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7ia8c5vudbih&fsb=1&dtd=206
Frame ID: B3E9249B2A69CABEA0CD695633BDA8FA
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kq2qxsczqcf49njxkm9bj57r3j5py9jb6e9tyz5r89d1wjtwe3js14pvwvkj5pe6h3d9wwmmjevqh0sj1wh87wdy7faaw8c7bj2kh4hv8sjnpz7q6tfagwxm97xvty53v4hvnqn3a50zn3cpc11sdtmabndakbcnm37zbvxfxhz911yajgbrprmhvc772qc035jffkmpjx5nbgf2z3zhw9awz6mz95tzxbz574y3kbxd99m2ryajpbjk6hxeaxxt410a4631favbkhd3vrzadhh3mnamat3efx8tjjmbgbgwk4r9sy9c5syt2hvysnpwx9v7brzyrwy0x080fdz9rrprx40f8rp72nzsg666nt5a93b2wtwd2q57v25qa2fsbayz54nj26nhr81w7jt0f8znzd4xpt8mcgw4s8t0685c6gaz4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCazicZ7trZbr4EpzrtOUPgMiDyAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0FW3D9xM-s2Ct5zI_h4wP8scXjHjDQcF1KpNXW9UwQ7sh2bSPgpmyY608ZURwbDnxOYzBSb8eXsy-3BOJMuCeAJij7BRpR73heug7jVtt8gsvXEiXg0CyGeWVJ5trixyZl5LMjQsTYJxKmcuaz4g9irbuJY-IWg9gpX7RQw5dOP6Dp1s1xgX_nWfqfV_lFEqRV4pDYIRc1_BPSsysRMVRa6n5UU4HlPJWo8n2l8EUrUy-9Sn6K_CU0AWIBAny3qJww4wjlqUI-o0w80lur9RgAap58eU-_CJh88BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKScsOLx8YID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1coacMCw2vZGHB88j-gK1ccKzFig%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: EDB35F7D9FAB3F5F56D46766ABDA1871
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E887F6632066DA2713BCA47472037115
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gqrnczy34zvqhz0m3hf0fe1x790ehertarbdhtygk34rnacsp2ehh93z2hryqepqg8twakt58sn1zw3je28x1e9a3r9y000y8r6fmvvebgvxp4f3hezp3r1ez59fq11w4c51tvqq2yz7pd83pjfmbqvtwffdvn3mnawmq4r9getqzcfnhephx9zw5kybg2j66k9g6cz83qy3ypnzacdacwhxkarwd4nrga9ncv89qewhg598n4v6wjb9a9fvzyh3fca13rj6gan4dfa51qp95d8a013t5xxp5t49v2bcderfwsjqbz7rn872csw1rxh5hhvtbyhfsw461gddtc3w9nbzedyq8wjrf31y6bq1nq3mmf013tczv7mew670sn3hzza6x0sk65d0f4c10md8t7fznqmddq2wn3ev6eb1j2pr1tevr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 0CD5F545CF21B5664952CB264477FC15
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Frame ID: FF7041D1A6C176FF025CC9A4D2708D2C
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 83A7D061DCAF23977B0B26CE6480D799
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h0hbpcqrbt66k1bc51x9fz9dp5ppkgrpg9es9w5hkc4qn9trh6jan9pk2r4m7f72qsexx7hcqjvjmrcnxq8wnnwykvbwx3ha6ny4kxkan7crmdhfx36cbhxyje6e1j2hjv24d2x2845ysmr2z3z1wenxy5ckf2ws1chcy8019ry3p90849dnc41v4b95beeea4hz6tsk3jekrg2e0epky0jq6q4q061tgvg24ecve5hyybvnkccvwm91tsz91x679tqvwd1yvpvgzewtaj59yp43w6nmf74gyke66nvmdr3vx4z9wf0e50tek602fb2x9nhr4zz765g6xv2fvg8weda1p00w10p7qyymp6grft5mpn3yvkm5cqh2dthrkfrd4bjyv92x1enspbvpvxnhg5gf26a2jgnrqk400td1jc32g0p&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtJOfZ7trZbvSFbmFtOUP_9q-8A6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoEzwFP0Kn1KsQba6GbyGswhTtBH1M8ewlYn5cUJJCaHkpbxSjBY5L0NuaBCShRDJ3Qu1BjF-ZRQxMvsCjtpf11wDvLTG9orNWlGmb3fpOUQKaatiM4twkFmNA391e9jsZ7j1QyiqyhQM5U3TRZrTreQ9dJ7dyBQRe0WteO5tXvxcn2zxLpkFKbM8vAQucVl4D4I5YS95pn26fpQffPS64g5O96E1Z3eOEtp77yZF8YsPdxcyRERFsz9Yl1uQhQQ1HPBDzCpvUID-kNzD5Y2alLi_-ABujNzsr6zsbB1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_-2y4vHxggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Z2ZkIfbNgGVxADpBAsi3Giz-31A%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 4AEDD279D9E6F41839464167C6DC316E
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F4BCA9F27C5D6987B7EF271151E9D6BA
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046724&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143607&bpp=91&bdt=58&idt=201&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C42532523%2C44809315%2C31078301%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=573928386794852&tmod=719631899&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bh9k1utuq95t&fsb=1&dtd=208
Frame ID: C375C386891AB3D18DFF8460C9DF4418
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: B2BE2BAD6074906FFBB84606E3668C9C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: F9472539AAD21CA4A5A9F12525C84A03
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 3AAE7DA288AF3F23A05EEA381200CE68
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 78268F7040E9E3A28DC475E213E9E0A7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D2AF7FC32A9A1B62050C1F68F55C1389
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hgnrm07h08w806gh8vcc2cmjywesctf267q2956cnj344ee2qe2b2qv328x3wbkmgcp14y6qns5f4n7126bakzgj31wdbx3ssk6p850mwgrdr061a6rbgfv38bvtaqyppddzz63cddwqjxv99a2f3bznd1p96t2ydmqjagypqcwakp3827bevjc8bcjbz84dwmb463c5nab9070s23se117b1b18cb38ettktjtx13j5c3qa0dfebxsjk4855fst1a4e0zx9m8phssyz7zw6rw6a4e8w9ef8z39vxp71xtrx5k7pknagb9gaxyvrs6v6b8x7m76ateq97r6f147k8e4x7dan0hw8amj8t1r3ndakt1hvp0wpy3k1m366frventfya3kzy7a41h2p3zw16s1q1qp58srqwpzqcpwwz1n2f93zvtsm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEe9-Z7trZeaIK-iSi9YPneam2AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0EFP72qerL6AIR6PyultlHFvQ0VgPWYjipf3Qv6xvPOGrz280LUAN0gAjlpHJZnyk_q54Exs6vV2DIetnszU6MRbKrirZoA4qFFi3o5dHOZRPl-N2sAer-hB-WzJX1R9Tm-OQioflEPpW0U14edGN3QpZq1zfygMYR8pk0g95Xx814eIjUHODrr53l5MJ9wqtH0hNqGQoDaFz-SCIUfN1KS5-jLSa2N6eGNcduHcU-znCIjS3c3krfmxzgtxTafBkLN3404rQE6q-VW4WDeIgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNClyOLx8YID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3iW9CgNaTBvGiZisECSc5y8_a6jQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: B05BF09331EA1536B5538606E7F122AA
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Frame ID: BCADE2201D27E6CE7443377D84185C2F
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CF9ACBB2780B698BCFC6C37E0125838D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 40A75B9B59FE465268D2BE59E79E4D9C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8B0AB8E424A65753D36439E84E9BF11B
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 4BCF5ACC27AE6FC2E16DE7F59545B3A5
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1&c=320&d=50&e=&g=ad1936446b47467edb51da9d44b221dc%2F9948689235261172637&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0tqkx66gqpsjbdnxx88tv2wawpf6tr73xvh7181gazqmbmp1er7k11qh9tbnqkpym8anh801f18x06rr7vsgge5gqhdjwm0racg5604jgkng66ssd0d39fvz9k2xf5jkwbp9rhjx50emfpr17eqhxzbd65v9b0tnmnthhjjny05megkc6jsj0tmha72hajpyqb5d16syjwpdra8qqz8s0gfnzqg4dp59anarxa48a1j5sbf5ragx85y2649zej8rwrjxjvhaapsrehpq10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtJOfZ7trZbvSFbmFtOUP_9q-8A6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoEzwFP0Kn1KsQba6GbyGswhTtBH1M8ewlYn5cUJJCaHkpbxSjBY5L0NuaBCShRDJ3Qu1BjF-ZRQxMvsCjtpf11wDvLTG9orNWlGmb3fpOUQKaatiM4twkFmNA391e9jsZ7j1QyiqyhQM5U3TRZrTreQ9dJ7dyBQRe0WteO5tXvxcn2zxLpkFKbM8vAQucVl4D4I5YS95pn26fpQffPS64g5O96E1Z3eOEtp77yZF8YsPdxcyRERFsz9Yl1uQhQQ1HPBDzCpvUID-kNzD5Y2alLi_-ABujNzsr6zsbB1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_-2y4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Z2ZkIfbNgGVxADpBAsi3Giz-31A%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: CEE35BCBBAF0F3854356211B2ABEFBA7
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=192347%2C59372%2C177100&b=r2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1p%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2Cm3AsefGfWYXGSmHZHZtztkDerhKSwTX8AfbJ&f=PxefBfbfbjWET9HjHbtgCPPxuJS9TPM7FjP%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C7QZTqfzfjA53urHXHgtECB6RZT4S1Tr9ZuE9&c=800&d=250&e=&g=f56c69a5db7ae8e11c249c9e42674a3e%2F3085461200531240674&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g4f2p3z7x9pc6fvfetcvvxyqgf7gkpzfyt22cca8tt8wy5svga5vsjfv65pd2dbb492jaemkqnhqapa87qmesym75dtpgx5t7fm38h6jwd329mxrj0fqk6c8gfq549edfdg1pdhb878r4m1v1w9f2jh6ft3j5myw87cfnat86583pnhmvsywhbh6cehzzg4ez11zxpt5bt6c55eg4g13c4k30k095rv2tntp897b4ncc2x8ycz9r76cs8dh8b8ndn847cbxjtca2baf6h90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 92875597B97B625CD24790FE4EE5C2C6
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C15579&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2Cprmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2CJBeszf5fx45tBH6H7tqCQBGCxSgTbWguA8&c=120&d=600&e=&g=645b64a49109ca8b54309822e224628a%2F9283818897659249592&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7zkrhh1syec0a00ww6e3hqeqd5pkc9a3tphd751qkvba1jqz8500ecsmh3fmj68rqmex9mftxt8pan8gjet18rd17j1652eppw1qj77p19sfb3805b8y4bb9ftws9vwsesj76yzjkdcwpfgda4y1q4x8kxz0am2hev71k8apy3dkyjx5jmv51zd5cmrkqjwth2g37vax147v4hk3bx5ws0razk16f18v0728965tmp5pfj2qtv8gzeh9jdk372cfeerhnq49k7p4xk45vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCazicZ7trZbr4EpzrtOUPgMiDyAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0FW3D9xM-s2Ct5zI_h4wP8scXjHjDQcF1KpNXW9UwQ7sh2bSPgpmyY608ZURwbDnxOYzBSb8eXsy-3BOJMuCeAJij7BRpR73heug7jVtt8gsvXEiXg0CyGeWVJ5trixyZl5LMjQsTYJxKmcuaz4g9irbuJY-IWg9gpX7RQw5dOP6Dp1s1xgX_nWfqfV_lFEqRV4pDYIRc1_BPSsysRMVRa6n5UU4HlPJWo8n2l8EUrUy-9Sn6K_CU0AWIBAny3qJww4wjlqUI-o0w80lur9RgAap58eU-_CJh88BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKScsOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1coacMCw2vZGHB88j-gK1ccKzFig%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: ECE09A52B4D0FEC558C2D046C0487017
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0C7413B7B27CC7139C05C18CC6F28504
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 06560A51197EB2C8C89BAB676A5EF8EC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6EC69EA0120E3282F6FF3531A0B0BB3F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3B550A2993FF80484F6549585B757768
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 856701D1A631E93E6F3B4C23A95C7D62
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 92D566E545136D29D8711562DB7F85D6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 13AD8CFAA4F18B00EF446F6E14545228
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FB39E5578DFA66B88CA341193F9AC3D1
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=6969f718480c71bb5e689b401e9f097c%2F12872450324650571362&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1701559144423&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h40d72s3sczvgqqv7vdr65qa55dnqx9h1yzr5hdse3ra9whn3jn8qds45db3vce5shx9r45k6smjzjbdy8fdaz1gzb3ghzz1h3gmfdjhbdcc49hb3543szkh8qhs89y7vq72xe2gn8ysk368rnan1fzn0m3kk00s45x2rj177g4xh8bwtrrn3nnvaxwpprzjm272vwcfvjawee0z028wah41f71hre68yn32exgk2w4vrkccv5snjw01qt04js0fzgxxggtntrwvz34s800%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEe9-Z7trZeaIK-iSi9YPneam2AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0EFP72qerL6AIR6PyultlHFvQ0VgPWYjipf3Qv6xvPOGrz280LUAN0gAjlpHJZnyk_q54Exs6vV2DIetnszU6MRbKrirZoA4qFFi3o5dHOZRPl-N2sAer-hB-WzJX1R9Tm-OQioflEPpW0U14edGN3QpZq1zfygMYR8pk0g95Xx814eIjUHODrr53l5MJ9wqtH0hNqGQoDaFz-SCIUfN1KS5-jLSa2N6eGNcduHcU-znCIjS3c3krfmxzgtxTafBkLN3404rQE6q-VW4WDeIgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNClyOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3iW9CgNaTBvGiZisECSc5y8_a6jQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 55B03C931ED4DA3C6B9EC98C5AAB693F
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D07B5802EB6A5FE336D6D101D6FA3D94
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7B1F3F63465803B183155E9B050085AB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🍉西瓜卡通

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

368
Requests

93 %
HTTPS

43 %
IPv6

45
Domains

61
Subdomains

43
IPs

10
Countries

7539 kB
Transfer

15085 kB
Size

38
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cn.xgcartoon.com/
Title: 简

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODYxNuVDxDGCxjGCzIIQz3-g85c2Yg HTTP 301
https://tpc.googlesyndication.com/simgad/4558490222349370582

Request Chain 145

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODYxNuVDxDGCxjGCzIIQz3-g85c2Yg HTTP 301
https://tpc.googlesyndication.com/simgad/4558490222349370582

Request Chain 151

https://securepubads.g.doubleclick.net/pagead/adview?ai=CwiuuZbtrZffcMMXtgQeM25OADoqCg8t0vor4m_ARo56d6v9AEAEg08vOMGCV-vCBjAegAeiv7IgDyAEJqQKHFnI5ikKyPuACAKgDAcgD2wSqBJoCT9A_jWQqltu0Om0_lWfAgEyZhF9ctiFdJZOLGaO01JsiTmgAa9P03vXOyxX82wZNziJvMZuezJgontoIfo22s-e0hYJ_Pk6cynj0v5zcYh2JS6fV5EVkn5WIcN407VIscmFLiCRdkwBk1hSCysTssnLC4r7jeXPAteFaKZc_3o1l0UgmpQzketcdCyrMS1jRZILGS51CWZvrNHtaT47MLMhJJXH0TOa8tLl4jMasDxb09Yt56jSYNtb_gyDyDdWZg3GAW0Y8SmiKB1IYvN5T9hM3qjzcdo10niNsIHNizAwl-v8Qjf_8PpkNsVhj_vihXwjD94K03LKRcm-xt5F_bYRMUFYMCkriaZUXNk2qQtDYmCBfqyZA3woMwAToqvT1wgTgBAGIBfqp7JFNkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4DQk3eoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQt-MC0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljwqrzh8fGCA5oJHWh0dHBzOi8vd3d3Lm5lYnVsdXMuYml6L2RlL2RlgAoDyAsBogwUKhIKEOS0sQLutbECtbixAru7sQLiDRMImtq84fHxggMVxXbgCh2M7QTg2BMMiBQB0BUBmBYBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=bc08kRcM76Y&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwDICaaNvR_nHyXjFdMl2nj2GwXj3dzWCnSMDxgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223122169606984456211%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223795069502716123441%22}&andc=true

Request Chain 158

https://securepubads.g.doubleclick.net/pagead/adview?ai=CruHZZrtrZYuKOd33x_AP6rij4ASKgoPLdL6K-JvwEaOener_QBABINPLzjBglfrwgYwHoAHor-yIA8gBCakChxZyOYpCsj7gAgCoAwHIA9sEqgSaAk_QuQ743AXILw4AVOFDVxLo4ZtaqlR8E_RZ76sY8TxzTSFkAMtVWzxMBHG1tdMQOmavleO5lVra6ZlkpRz5D7JiMLEgHhcg5Q6yN6u5itfJDvmN8-trWduh9uDiRSeOcpcpaSOg4Kl9855JBxWt3dA0xZa7mzIDga8SnV7CP2zJOMJHqUAREqupn7ghAf6_EH0RUmrJVg9f7QDX2GPJfIKbXdTw8jX-LDx8TU_MBqOh2Im8ifc0HuW73Wu4AGzgTjuTZZg1tG7h1V7Pec04SaM3rbxf6I52yjr-lWK0tSt6TNWXatNUciXFL56uQrKB2PTuXbeSWnIc60xC0IoEg4n2VebGL1f3UTDhDNF2r46VoAPxNt96utmUlsAE6Kr09cIE4AQBiAX6qeyRTZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeA0JN3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEKKDA9IIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYk7y-4fHxggOaCR1odHRwczovL3d3dy5uZWJ1bHVzLmJpei9kZS9kZYAKA8gLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQLiDRMIquS-4fHxggMV3fsRCB1q3AhM2BMMiBQB0BUBmBYBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=T65ubLgIVDk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwDICaaNsMO10huGmu7zYAmq__LX5Cb42jcW4xgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212759020497313085632%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214144658280366429569%22}&andc=true

Request Chain 201

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMow9YjIgKBIlzxsodvyevQ&google_cver=1&google_push=AXcoOmSHbvG-ZWt_uvtU12Rns4yZZn09ukh9hSiEp6m5626oxn5qwhioRpbUlRQi_1OPh6Fie7oi1Kisz2Hv48dJG_X8RA61MA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMow9YjIgKBIlzxsodvyevQ&google_push=AXcoOmSHbvG-ZWt_uvtU12Rns4yZZn09ukh9hSiEp6m5626oxn5qwhioRpbUlRQi_1OPh6Fie7oi1Kisz2Hv48dJG_X8RA61MA

Request Chain 202

https://um.simpli.fi/gp_match?google_gid=CAESEMTwF8Y3OH6vx-wJayCn0Nw&google_cver=1&google_push=AXcoOmR-0GJBOXVP5KaFBBR3jZisdgG5Acrxrd-W8v0uKsWweO4S7eIDcO7kzYMUXX99x7uGbY2tLUYIxGJixkYSvsGx17jsSA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=780082ABA7BE482B96A7F0832E9EE014&google_push=AXcoOmR-0GJBOXVP5KaFBBR3jZisdgG5Acrxrd-W8v0uKsWweO4S7eIDcO7kzYMUXX99x7uGbY2tLUYIxGJixkYSvsGx17jsSA

Request Chain 203

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKld35NyTS1-8a8Qsqwp-FY&google_cver=1&google_push=AXcoOmRS8gTPD-fG8pSkeWNWPYpjEje1eb0NCOeRDunx_OJ0iypwcEAssPCsCNj9pj7NZBZ4utUSF4ULbPWmH1Jr9z5nlX7SBDY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRS8gTPD-fG8pSkeWNWPYpjEje1eb0NCOeRDunx_OJ0iypwcEAssPCsCNj9pj7NZBZ4utUSF4ULbPWmH1Jr9z5nlX7SBDY

Request Chain 208

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOWqUdJD3ywomT7NCBw7k1c&google_cver=1&google_push=AXcoOmSy1M3xfW2p2SPGxfkyUcqonAdV1WUJVjcUkQlKX4WgtE2QDcheL-928659dclxESag1GkGeDCaW08FyhjFoazPL7PKm9lX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQ3MzY4MzE1MTY2NjAwNTYxNg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOWqUdJD3ywomT7NCBw7k1c&google_cver=1

Request Chain 209

https://a.tribalfusion.com/i.match?p=b6&u=CAESENOxb-hKvstLeOjSgFKlbKA&google_cver=1&google_push=AXcoOmSh-W58ldmSlEthwa_TZp-Wg1O4-c-I73Gu5xDB6443dh2skcOQZFdHaTZVcIvddifttZ_XC5jyIOdJNIqs7eajOoh57Ztf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSh-W58ldmSlEthwa_TZp-Wg1O4-c-I73Gu5xDB6443dh2skcOQZFdHaTZVcIvddifttZ_XC5jyIOdJNIqs7eajOoh57Ztf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENOxb-hKvstLeOjSgFKlbKA&google_cver=1&google_push=AXcoOmSh-W58ldmSlEthwa_TZp-Wg1O4-c-I73Gu5xDB6443dh2skcOQZFdHaTZVcIvddifttZ_XC5jyIOdJNIqs7eajOoh57Ztf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSh-W58ldmSlEthwa_TZp-Wg1O4-c-I73Gu5xDB6443dh2skcOQZFdHaTZVcIvddifttZ_XC5jyIOdJNIqs7eajOoh57Ztf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 214

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMyyoOKNDzBKEoROg5dQD1I&google_cver=1&google_push=AXcoOmRZgKV8VeQU_aHOyU2WqoQBXLTPi0wfQ4ClZ43GLe_MAtK5GmRB_B1A-KGC_EXOdYe3tB1f98JDOzwRArEfv6UziBx4GHVPjA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRZgKV8VeQU_aHOyU2WqoQBXLTPi0wfQ4ClZ43GLe_MAtK5GmRB_B1A-KGC_EXOdYe3tB1f98JDOzwRArEfv6UziBx4GHVPjA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 216

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOWqUdJD3ywomT7NCBw7k1c&google_cver=1&google_push=AXcoOmSpZIMAbOfyM949wQdxkWkBKwJt4tBp0utLOWewsWXYOsk2hRDJzBKi16jdLbPacWMHicx576FAahpNB3LB1BHVFnjM6hDo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzUzNjkzNDQyOTE3Mjk0MjQ0OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOWqUdJD3ywomT7NCBw7k1c&google_cver=1

Request Chain 218

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEILuFLbs5CqIULAC9ceYLYQ&google_cver=1&google_push=AXcoOmQJDmTwdglpmne7l854LKwo1NqOLFVBjELPoOhmIr0CrArZp9p1icIqs7MuP6MYphbE-bJU3J2eht28tQpnwDKVH1pGDEVx HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEILuFLbs5CqIULAC9ceYLYQ&google_cver=1&google_push=AXcoOmQJDmTwdglpmne7l854LKwo1NqOLFVBjELPoOhmIr0CrArZp9p1icIqs7MuP6MYphbE-bJU3J2eht28tQpnwDKVH1pGDEVx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg0Nzg3NzEyNTkwMTg4MjA1MA&google_push=AXcoOmQJDmTwdglpmne7l854LKwo1NqOLFVBjELPoOhmIr0CrArZp9p1icIqs7MuP6MYphbE-bJU3J2eht28tQpnwDKVH1pGDEVx

Request Chain 219

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN37wRLTnxwAuaJITC8u9M4&google_cver=1&google_push=AXcoOmTfydyuK2bpjoEnenx50p6gsLhTozZUDkyU5og4Tdwvdh4zD0vItJVWOYbB0zBR1ppm5WqyWa05P5FMhZaW0_wLooBFUx0 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEN37wRLTnxwAuaJITC8u9M4&google_push=AXcoOmTfydyuK2bpjoEnenx50p6gsLhTozZUDkyU5og4Tdwvdh4zD0vItJVWOYbB0zBR1ppm5WqyWa05P5FMhZaW0_wLooBFUx0&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN37wRLTnxwAuaJITC8u9M4&google_hm=ZWu7Zxts9LHPbwHFX0MzKgAADGUAAAIB&google_nid=index&google_push=AXcoOmTfydyuK2bpjoEnenx50p6gsLhTozZUDkyU5og4Tdwvdh4zD0vItJVWOYbB0zBR1ppm5WqyWa05P5FMhZaW0_wLooBFUx0

Request Chain 220

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC458yADYpvNQ1D0rhFXw08&google_cver=1&google_push=AXcoOmQfKsH4r5yWw5q24LHDIbTobv2u09nNcl2XBVvevno-sfMK6iKj6TFszEVnaoRRD5M9nr4_ccpX2wyrhxWbhbm-9ZhxCrw HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQfKsH4r5yWw5q24LHDIbTobv2u09nNcl2XBVvevno-sfMK6iKj6TFszEVnaoRRD5M9nr4_ccpX2wyrhxWbhbm-9ZhxCrw&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1701559143902 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f6eb8de4-9b5e-4ae2-83f6-4bf6603d075a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQfKsH4r5yWw5q24LHDIbTobv2u09nNcl2XBVvevno-sfMK6iKj6TFszEVnaoRRD5M9nr4_ccpX2wyrhxWbhbm-9ZhxCrw%26google_hm%3DA_brjeSbXkrig_ZL9mA9B1o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQfKsH4r5yWw5q24LHDIbTobv2u09nNcl2XBVvevno-sfMK6iKj6TFszEVnaoRRD5M9nr4_ccpX2wyrhxWbhbm-9ZhxCrw&google_hm=A_brjeSbXkrig_ZL9mA9B1o

Request Chain 221

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEClhvID20XmmpbKxIChl9OI&google_cver=1&google_push=AXcoOmRjwTBfDMh7tsxsLfq5navJKfIRrleFMAY2uynmOFgj7TydeUvygm7BzhVxC836nuYzWGpaGuteLfR5SDxnWMX5anBv0jfbHw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRjwTBfDMh7tsxsLfq5navJKfIRrleFMAY2uynmOFgj7TydeUvygm7BzhVxC836nuYzWGpaGuteLfR5SDxnWMX5anBv0jfbHw&google_hm=YPS4L09pQFWzGHM8eYm_DGw

Request Chain 222

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEGwnZ_YL6ObfdMNoKkkUA2Y&google_cver=1&google_push=AXcoOmRybZ09dGiDTnPMHupMTn9MLcyfm9MtcSuJcOju16BqE3mTK7Zvpz9td97qujRFTHVP7uP0dsl6V6FvaUMzJhE16jhc11Q9 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEGwnZ_YL6ObfdMNoKkkUA2Y%26google_cver%3D1%26google_push%3DAXcoOmRybZ09dGiDTnPMHupMTn9MLcyfm9MtcSuJcOju16BqE3mTK7Zvpz9td97qujRFTHVP7uP0dsl6V6FvaUMzJhE16jhc11Q9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODM4MTY5Njc5MjQ3MTUwNTA4NA%3D%3D&google_gid=CAESEGwnZ_YL6ObfdMNoKkkUA2Y&google_cver=1&google_push=AXcoOmRybZ09dGiDTnPMHupMTn9MLcyfm9MtcSuJcOju16BqE3mTK7Zvpz9td97qujRFTHVP7uP0dsl6V6FvaUMzJhE16jhc11Q9

Request Chain 262

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA9f4q9seXMqChnsZRW-SbA&google_cver=1&google_push=AXcoOmRlrKJhKsmSzLfu9BIdK95WmvW120Do_ZSX0erL7NjCETboYfosC8UBA0IG4R8ASQyt8zu6xbevqfi4o53oADvzKK7I3t0rLMBrKldHvdRZAJbsOBpEnAEeqV7vEj-McGiipvShHx8KkVFBCcezCvEP HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA9f4q9seXMqChnsZRW-SbA&google_cver=1&google_push=AXcoOmRlrKJhKsmSzLfu9BIdK95WmvW120Do_ZSX0erL7NjCETboYfosC8UBA0IG4R8ASQyt8zu6xbevqfi4o53oADvzKK7I3t0rLMBrKldHvdRZAJbsOBpEnAEeqV7vEj-McGiipvShHx8KkVFBCcezCvEP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SVVqbFkzZ2IxUjl6Z2s1&google_gid=CAESEA9f4q9seXMqChnsZRW-SbA&google_cver=1&google_push=AXcoOmRlrKJhKsmSzLfu9BIdK95WmvW120Do_ZSX0erL7NjCETboYfosC8UBA0IG4R8ASQyt8zu6xbevqfi4o53oADvzKK7I3t0rLMBrKldHvdRZAJbsOBpEnAEeqV7vEj-McGiipvShHx8KkVFBCcezCvEP

Request Chain 264

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEILuFLbs5CqIULAC9ceYLYQ&google_cver=1&google_push=AXcoOmRu7WW2BIS4kHWsYzMFO9RpBtCz5jeiIbsjmYtlHeyz3gQDFX44yaNsgjRnliPifIr2iKYf0kcizm1dIB2fhJE7R7cy5Q2xPDazJwx1G3Nnt1NwyQ6XpYwvN5AwS_ZDgAP6PXpJvLF1pXbd40jwGfd9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg0Nzg3NzEyNTkwMTg4MjA1MA&google_push=AXcoOmRu7WW2BIS4kHWsYzMFO9RpBtCz5jeiIbsjmYtlHeyz3gQDFX44yaNsgjRnliPifIr2iKYf0kcizm1dIB2fhJE7R7cy5Q2xPDazJwx1G3Nnt1NwyQ6XpYwvN5AwS_ZDgAP6PXpJvLF1pXbd40jwGfd9

Request Chain 267

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC458yADYpvNQ1D0rhFXw08&google_cver=1&google_push=AXcoOmRhmtuZzF3KMdd6_uSsqlAOOEPv8Ew0PXqUFYMmMVPv3oROKHjaDoa6qREQXXGY4-ZAzIDsXwfivOkB0k45NX9Jf5gb0DVZAYlBqJHSEn9MtghUeNQ-SzdY6VniIqrBD2D9VmLZRXGOWmCBF7nprGdE HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f6eb8de4-9b5e-4ae2-83f6-4bf6603d075a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRhmtuZzF3KMdd6_uSsqlAOOEPv8Ew0PXqUFYMmMVPv3oROKHjaDoa6qREQXXGY4-ZAzIDsXwfivOkB0k45NX9Jf5gb0DVZAYlBqJHSEn9MtghUeNQ-SzdY6VniIqrBD2D9VmLZRXGOWmCBF7nprGdE%26google_hm%3DA_brjeSbXkrig_ZL9mA9B1o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRhmtuZzF3KMdd6_uSsqlAOOEPv8Ew0PXqUFYMmMVPv3oROKHjaDoa6qREQXXGY4-ZAzIDsXwfivOkB0k45NX9Jf5gb0DVZAYlBqJHSEn9MtghUeNQ-SzdY6VniIqrBD2D9VmLZRXGOWmCBF7nprGdE&google_hm=A_brjeSbXkrig_ZL9mA9B1o

Request Chain 268

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEClhvID20XmmpbKxIChl9OI&google_cver=1&google_push=AXcoOmSk7nUS6PAeOQ5702qIMPj3oZJ37yWbMLDKbreGmUpkzB9cJft5XPONVy_srR_MYvoCJ6QHrV2yqSZsL9QtJ-8NV8omrhbMoS5C-I5UBf5_HjxFNO_ML3vHeYOeWSu4pwVHtyRR3wL-a_fY__usSQhggQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSk7nUS6PAeOQ5702qIMPj3oZJ37yWbMLDKbreGmUpkzB9cJft5XPONVy_srR_MYvoCJ6QHrV2yqSZsL9QtJ-8NV8omrhbMoS5C-I5UBf5_HjxFNO_ML3vHeYOeWSu4pwVHtyRR3wL-a_fY__usSQhggQ&google_hm=YPS4L09pQFWzGHM8eYm_DGw

Request Chain 300

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidJBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1701559144_2f34d810-9169-11ee-ba35-226154e726d7&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 304

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneidr2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1poneid__suite_Netmix_Reach02_SSP_CONTROL_ADX%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPG4-eLx8YIDFVH0EQgdPjYOug;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneidr2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1poneid__suite_Netmix_Reach02_SSP_CONTROL_ADX%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneidr2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1poneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneidr2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1poneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023120300190490984991077X117703V1226132702MSviewoneidr2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1poneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&cons=0&spid=2023120300190490984991077X117703V1226132702MSviewoneidr2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1poneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&wfid=117703&partnerid=12218

Request Chain 307

https://pv.medialead.de/trck/epv/2aed39855b5f46b777481d90b61d111f?t=htlp&subid=oneid13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9boneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9boneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&actionid=456654&produktid=Freshmoney&dt_url=

Request Chain 313

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidJBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1701559144_2f339f90-9169-11ee-ba35-226154e726d7&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 316

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIi7-eLx8YIDFQrsuwgdIroI_g;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023120300190490984991079X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023120300190490984991079X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218

Request Chain 319

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidprmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidprmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 350

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNjJgePx8YIDFRqf_QcdHEkOCA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023120300190490984991081X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023120300190490984991081X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218

368 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.xgcartoon.com/ 186 KB
30 KB 1119ms
547ms Document
text/html 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3baf2f6bc02db701e4cc7cd6d27070e7f40fe18e4e2af560e0f1f8adcee9d2e4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=180
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 02 Dec 2023 23:19:00 GMT
etag: "2e8d4-kAMBuHT64O9KpfyAibkdt7DxFO8"
expires: Sat, 02 Dec 2023 23:22:00 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 156ms
48ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d686f2ab1157df64803644aceb025dda3e21438ee6167951feb732b82c163c5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 23:19:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73067
x-xss-protection: 0
server: sffe
etag: "1283125788d1ffce"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 02 Dec 2023 23:19:00 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
23 KB 201ms
93ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3bb5c4c7e8374c09a71c311ceb84321f80ad0d6b811873af0e4dedf3e7c07e7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 23:19:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23129
x-xss-protection: 0
server: sffe
etag: "f4c844bd31ac7613"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 02 Dec 2023 23:19:00 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
9 KB 231ms
142ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77e95fa1e948cfd2fb74c5881103cc59bb4f5bbda758baa745d1743b84f565f6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 23:19:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9439
x-xss-protection: 0
server: sffe
etag: "a564186f540482b1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 02 Dec 2023 23:19:00 GMT

GET
H2 200 amp-base-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 33 KB
9 KB 212ms
123ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-base-carousel-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71a8600692e23209ff0ec17ad711155429394864c88f50066140bc9ddf58a9d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 23:19:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9145
x-xss-protection: 0
server: sffe
etag: "b91fed0448b75fbf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 02 Dec 2023 23:19:00 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 49 KB
15 KB 236ms
147ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2baf3b308e2c655d9c31a96a801c4a8c5fe7571b73236f5e276c97db8e4dbbcd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 23:19:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14969
x-xss-protection: 0
server: sffe
etag: "9861f05f46b65040"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 02 Dec 2023 23:19:00 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
15 KB 222ms
133ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6f5f1406b1e5c95bed5f838345f7e04d61eecce91c072c443ec02db1e521268

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 23:19:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15379
x-xss-protection: 0
server: sffe
etag: "1da763b4481d1ced"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 02 Dec 2023 23:19:00 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c4e10957066ca2ed15bd83d72a98619b6491a6c0852289b5d0f1798b5a45a5e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 23:19:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10353
x-xss-protection: 0
server: sffe
etag: "f0e15d2b1effa5b8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 02 Dec 2023 23:19:00 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcc44c1f86ee04baf5c9f6282f887200d328a419667d1d1e5cd3a3423a057e6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 23:19:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32240
x-xss-protection: 0
server: sffe
etag: "6c561bf69fb7c6ef"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 02 Dec 2023 23:19:00 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

704717b850344b943d6d4848ea23561feb990e21449a0a193e255c170ed2a201

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 23:19:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4740
x-xss-protection: 0
server: sffe
etag: "0657f7a786b94a3e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 02 Dec 2023 23:19:00 GMT

GET
H2 200 /
c.statcounter.com/12916097/0/c55d9f9f/1/ 49 B
467 B 261ms
166ms Image
image/gif 104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray: 82f74ad5b9cdbbfe-FRA
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 logo.png
www.xgcartoon.com/img/ 13 KB
13 KB 287ms
287ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/logo.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:00 GMT
last-modified: Sun, 28 Aug 2022 14:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"3473-182e4ca3706"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 13427
expires: Sat, 02 Dec 2023 23:22:00 GMT

GET
H2 200 stay.png
www.xgcartoon.com/img/ 128 B
325 B 289ms
289ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/stay.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 14c55deaf7ebe64eb047f2deeff0f12615193ff170e0693bebd2b51991751bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:00 GMT
last-modified: Fri, 02 Dec 2022 17:11:13 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"80-184d3d21b68"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 128
expires: Sat, 02 Dec 2023 23:22:00 GMT

GET
H2 200 up.png
www.xgcartoon.com/img/ 232 B
428 B 288ms
288ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/up.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 13e6a7a86b66aec6cc0cf1441a042fa7beaedbab5dc996b0341301518a1f55af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:00 GMT
last-modified: Fri, 02 Dec 2022 17:10:45 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"e8-184d3d1ae08"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 232
expires: Sat, 02 Dec 2023 23:22:00 GMT

GET
H2 200 down.png
www.xgcartoon.com/img/ 266 B
463 B 287ms
287ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/down.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2661dcb6bfa9b71c39c54788bde5ea88003db9f7384c04e66d6f7926fdba8894

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:00 GMT
last-modified: Fri, 02 Dec 2022 17:11:00 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"10a-184d3d1e8a0"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 266
expires: Sat, 02 Dec 2023 23:22:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
1 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa3ecba51fcbe3806a57d12638c9e2760902fef8faa7bfc5b4e0214ed36848b7

Request headers

Referer
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H2 200 daxiaojiehekanmenquandaxiaojieyukanmenquanriyu-chuchun.jpg
static-a.xgcartoon.com/coverw/ 5 KB
5 KB 877ms
775ms Image
image/jpeg 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/daxiaojiehekanmenquandaxiaojieyukanmenquanriyu-chuchun.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cf8320abe90f0b566bbb7997c1d5269403a16be82145d4935efd96c369878f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sat, 30 Sep 2023 08:19:42 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "06A0B0309BA981980693FF16BB713B42"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGM3vMSze0XPS5N%2BbJnTKrOrmnINTum04KBXaahMY%2FNAmB2S5eeiFBeJn1gfIrfV42HiL6K0Y0ZucqGFP82bOWM%2BNjJd3AlxIsaQJEwlUEQ3EGZsviMnkGLG7n5APa6gEr%2FQ4BgOyU9ivfI0Kxvg5ftPAwY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad7fe133609-FRA
content-length: 4716
expires: Sun, 03 Dec 2023 02:29:30 GMT

GET
H2 200 xiangdangmaoxianzheqianwangdoushidenverchengweisjixiangdangmaoxianzhedenverdaodadoushidangledengjisdemaoxianzheriyu-mensishijia.jpg
static-a.xgcartoon.com/coverw/ 88 KB
89 KB 1104ms
1002ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/xiangdangmaoxianzheqianwangdoushidenverchengweisjixiangdangmaoxianzhedenverdaodadoushidangledengjisdemaoxianzheriyu-mensishijia.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10e358711eab7bbdacde3e4d3eb925d04438f07358f0dad5d22a8818fc9771c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Sep 2023 08:22:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "20979B22CCCCF2F971F5EA653CDD5998"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2l5n3LBtQ8VuKiw4pCvsglYxHjK32uXc1bic%2FnIkW2znosvudpXs0nTzKXZLfU6R9H1R8LtdMVkwr3g4i%2FWxzt93AlJ716ihbhMSdWYC3waHvAcczByr4bb%2B8BmadKVOUrpyPqay7W0Up6V4idJAyC49D8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad7fe113609-FRA
content-length: 90509
expires: Fri, 01 Dec 2023 03:12:05 GMT

GET
H2 200 zangsongdefulilianzangsongzhefulilianriyu-shantianzhongren.jpg
static-a.xgcartoon.com/coverw/ 16 KB
16 KB 881ms
779ms Image
image/jpeg 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/zangsongdefulilianzangsongzhefulilianriyu-shantianzhongren.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ef4d8e305ba6d28a0b9efb307e16112274ace9cbc43c0a760913eb9a0881c30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sat, 30 Sep 2023 08:24:34 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "EE150326E2ECFC4798E42590D0D49BD4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJ%2FgHKUJn0KKWCT4GNsOQBknWtH9Lw1FWzHtlXA%2Fr9nxqaSXIkIFpkg%2BQUa%2BchqAayu%2F7U0l8HX6BFNGl7wdS52k8HQBE2M8I0hmErId8Q8yfPXm%2BPkKfjJtkPm09Mkggyx7NGvfib5c28GWQUiXxAOVKLQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad7fe0f3609-FRA
content-length: 16110
expires: Tue, 05 Dec 2023 00:14:14 GMT

GET
H2 200 shoulongrenlagenaragna_crimsonriyu-xiaolindashu.jpg
static-a.xgcartoon.com/coverw/ 10 KB
10 KB 886ms
784ms Image
image/jpeg 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/shoulongrenlagenaragna_crimsonriyu-xiaolindashu.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ea7fca64b1f5e4f08b3a996a528b5cb1d3305956dec7502ee9c4f59f1c8762e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Mon, 02 Oct 2023 08:10:12 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "FD3AC5333F8DC9ED14A57DF2658F75A1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlMj6QvtbNbl%2FYW0BmG%2FKUUi7vgQJlYcJZdN59ClipC6hVlcHocfCw7QAjeJ%2B3Vla3FXxiNVENm4f8U5n5Th%2BrCjVX%2BZthlbrQ0beXZiLF3y24JyZEVzD9YqDICPkGzXY0KAJGY6BixPmjy2twpJLHUbYYA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad7fe123609-FRA
content-length: 9975
expires: Sun, 03 Dec 2023 05:44:02 GMT

GET
H2 200 lieyanxianfeng_jiuguodejuyixiaofangyuantesouzudawu_jiuguodejusebuduiriyu-cengtianzhengren.jpg
static-a.xgcartoon.com/coverw/ 54 KB
55 KB 1081ms
980ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/lieyanxianfeng_jiuguodejuyixiaofangyuantesouzudawu_jiuguodejusebuduiriyu-cengtianzhengren.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa1f27152e0d87361b0db046cae89137d3f1be8c804a2b77885e2c2ca1c8425

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 08:17:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3B5E13E18911DA3FA9DC123A1FB1B960"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLjn5YY9UIVStNBet8%2F%2FOsElvIL7%2FQwfx%2FkEfq3qeO8zXPDW3oF%2FjTA5zw92dscUqAaMhxsYGEh8%2FWpcoDJfqH0c7ZNjDdMfhhWRdV63yb4TokJfwYb84fqwmKt8Md5Osl8BpFwJuDtHcWVlC%2BnQWkSAvIA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad7fe163609-FRA
content-length: 55378
expires: Tue, 05 Dec 2023 01:32:12 GMT

GET
H2 200 duizhangxiaoyiriyu-gaoqiaoyangyi.jpg
static-a.xgcartoon.com/coverw/ 84 KB
85 KB 891ms
789ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/duizhangxiaoyiriyu-gaoqiaoyangyi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 505587c1162ef2d4af495312c860628d42fdd2b3f5536834468b6c7ed186f070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 09:17:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9A55809126B6D6B5EB739038022074EC"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPl%2FrP5Okvr2qG22CX4Z8D6jvpD%2F9fvzA4%2F6ZwXWrgMJ9pSiLlfiki12TrESNwi5G0x3hfv8PvWBrLGBu7QVWJv0un0eNOk%2FTHhUoPizz1%2BpxNZYkxC5r6laPYV6G0qmRTE0iC%2Bt9NVSGtUORgKgulFBidc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad7fe173609-FRA
content-length: 86154
expires: Mon, 04 Dec 2023 03:17:40 GMT

GET
H2 200 overtakechaocheriyu-gaoshan.jpg
static-a.xgcartoon.com/coverw/ 54 KB
55 KB 909ms
811ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/overtakechaocheriyu-gaoshan.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 521f6fc33d7ede7524e5263c613a5db8df62c4a73a16a8147fdb385a88ec5350

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 09:20:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2C1FAA685607ABAD7AE0057667AAFFCF"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9ZPknlpZZOcKxgLRTxwABkk9OWkMIRfRJ1rDeigzBSN0ysfh0Rdsow8inevEhwu2uONjKPflwpwCc2OUieiACc1E0Le5qnWCRvRemyJFZWP1VkMfui74sbFEojkHe8i8MVvRPdlv8mOxpSumaJISyfQVyc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e423609-FRA
content-length: 55610
expires: Mon, 04 Dec 2023 21:00:05 GMT

GET
H2 200 aotumonvdeqinzirichangaotumonvdemunvgushiriyu-jitianmeihe.jpg
static-a.xgcartoon.com/coverw/ 69 KB
69 KB 342ms
244ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/aotumonvdeqinzirichangaotumonvdemunvgushiriyu-jitianmeihe.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ce64723f400800084733cca3c44b432a1e33fe5df837915a477dab99dea9152

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 09:26:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "575242576A34933AC4A524902C85872A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f81h5TW%2Bt8y0d%2FPJq7Tfu1V8ZTl3eWhyFaSFzbrcpcRYE3JMQClY3LNlzTXsybbwCfziAA83o1Gq6Uf4Kr56EZugioyt%2Bi6JNRXa9qEzhK08CRSqNAP3Qh5%2BcqEeM4XmnOxNhahtkGq4Idj5VtEErnaH%2B%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad7fe143609-FRA
content-length: 70628
expires: Tue, 05 Dec 2023 08:09:13 GMT

GET
H2 200 nitianxieshen4kguoyu-huoxingyinli.jpg
static-a.xgcartoon.com/coverw/ 69 KB
69 KB 801ms
797ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/nitianxieshen4kguoyu-huoxingyinli.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fefd09345b668fc2c8be2e1dac0e5fdad0e037db84b07962c0ef5ddb6c804b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Sat, 28 Oct 2023 05:16:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "F936B0D930357EB1420E8E7692165EB9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7s39IcXNJR4fdgj2xm8%2FJR50hfUPegb7hAAhXFfs3O%2F%2Fb4OBlgz0Y7zBPsPnep5aEPxX%2F4KG58EzrM1oid76RfW%2Fh5nn6cXyT2SLLe91YjgAC4tGAd0f9wbEqFrQFdoaBMZJvNadsNzSojSlqD6PAX6l7uE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e433609-FRA
content-length: 70665
expires: Tue, 05 Dec 2023 01:46:50 GMT

GET
H2 200 shenzangguoyu-dayan.jpg
static-a.xgcartoon.com/coverw/ 72 KB
73 KB 62ms
58ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/shenzangguoyu-dayan.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72e0e53345dad9730c52f80ac573b1103553bf860bdb97e682d214825211d766

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 06:29:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 159889
etag: "8B2E7F73113DA565259B2CDD64B45FBD"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6SxmmfjmVzeURUooEqP1OVbWNuWZ%2F8SpyB6q2El7S1vLO29BpFDfcQQxeZSPhimohxXfXbDX5x%2FGN6fEYFo7tBY00mxYN1fXJ0G%2F0cW%2Fcx3zg%2Fk41Elv9ty1ZchHtUBOQDV06r7F6vcVl9vERvWXh9cFa0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e443609-FRA
content-length: 73923
expires: Sun, 03 Dec 2023 07:16:26 GMT

GET
H2 200 niderenshengshiwolaichileguoyu-puzhong.jpg
static-a.xgcartoon.com/coverw/ 69 KB
70 KB 1015ms
1011ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/niderenshengshiwolaichileguoyu-puzhong.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60e5a59bd06924e897f3f8170823db5fa4919204438357172aa470e442232aeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 06:26:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "D1F869A30C9222443C3580CB6EB4023D"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDilmAdxADEFIBlZXg7fsvzc3he1W9%2FZYAMZ0CIdawmUVputeDiGmqXCR%2B4raXXbEy4pnr0int35Zpq3poVWwnsYCYD1K9S8O%2BBiqsBE8U%2Fl%2F1jhSNgdWhVvhihg6G8ZjhZzKB8OJ%2FID3PSNSWkVBU00Z%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e453609-FRA
content-length: 70747
expires: Sun, 03 Dec 2023 07:25:24 GMT

GET
H2 200 jinzhanfashiguoyu-hudielan.jpg
static-a.xgcartoon.com/coverw/ 61 KB
61 KB 788ms
784ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/jinzhanfashiguoyu-hudielan.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f33a2f5f25c391fc75150a3034ebd6ac072945f97ecb572df2ba5ace685c023f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Nov 2023 09:52:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "B6CF6BA8847A9E051A54B308570DEB2D"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LEI7EqDvReDmaowOi7L5gjqtELoVn%2F6dzDHa290wh%2Bvxe2kihvNvkQ62UMFJrScBpm0KtxK%2F4RCE3iUxS4vy1rLLbAvwkOxEE4auyjU1mbnxWF0D0cXUu27HCVCDjgx6VHRHX9HftSn7aPqqf1MczarUfo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e463609-FRA
content-length: 61986
expires: Fri, 01 Dec 2023 11:01:11 GMT

GET
H2 200 wushuangshuguoyu-qieyingshi.jpg
static-a.xgcartoon.com/coverw/ 64 KB
65 KB 62ms
57ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/wushuangshuguoyu-qieyingshi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f41cdc29fad9db0b0ff1c365d9cee36da396346538b001d566a66f261be39df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Nov 2023 09:50:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 159888
etag: "ED0F7E96FB240E4CC6EBFFD4151AEE35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7QY4ggkkbpNwavoGOIGd33amoVWTCYmgHBq8Rweav69sJF%2Btt%2FjX%2BMS%2BQJ%2FN4Q3ZVpmUtKcBMaFMR0J%2FH7O%2FoqSzoBXOH8XJX%2BJCVJJSLlMp9Mm6XCs7sskvKITIxtL0kO0aN2rk2Ke0BhjrdjVvGtvluU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e483609-FRA
content-length: 65892
expires: Fri, 01 Dec 2023 11:01:11 GMT

GET
H2 200 aoshijiuzhongtianguoyu-fenglingtianxia.jpg
static-a.xgcartoon.com/coverw/ 86 KB
86 KB 798ms
793ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/aoshijiuzhongtianguoyu-fenglingtianxia.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9482ef22ac0ff1fe12c7df21d2142a15aa40b0b58b746887ed7357324f26d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Oct 2023 02:45:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1BE8883BDD9CBA199D68ABA0421068A8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prNHNQBVPGY8wWaDQYZ5eqrbXCtvC3hfCqdxVEDoJKi%2FQ5P6LCYPzvglz1lGnjtJZ3VXDsgJVW1RZ0qwHv0JBJZ%2BveYX3Mho75%2FStGOH7r%2F3vuXr5uj5FRUMmkvqWksHPpEeOLwU6%2Bz3pqR04exj8iutZ%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e493609-FRA
content-length: 87840
expires: Mon, 04 Dec 2023 04:22:40 GMT

GET
H2 200 wudongqiankunguoyu-tiancantudou.jpg
static-a.xgcartoon.com/coverw/ 80 KB
80 KB 1017ms
1012ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/wudongqiankunguoyu-tiancantudou.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e51caf5c4f4e84fbdb340685b602bea060d4d87fab53f01f6a6f7ccb80cc489e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 05:58:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668C6F4FB565F1B929E65BF6F1705C33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJKWIsAW%2FZQqYyUisH2Rtil0E5G%2F0PrhRMNBYy992qVfzWhKeNmB2X264nmtHMWdBdP%2BGgLrezcIEjIJ733vTxOPJpWUm0s%2Bbr98D6ndDC8bBmnlX%2FGakcEBQ0r6mIyrMy%2BoeA25eJk%2F6d6jO%2FwmuycIjYM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e4b3609-FRA
content-length: 81817
expires: Sun, 03 Dec 2023 08:50:47 GMT

GET
H2 200 busibumieguoyu-chendong.jpg
static-a.xgcartoon.com/coverw/ 79 KB
80 KB 98ms
93ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/busibumieguoyu-chendong.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff146c82166afe0cf2e272fad7c1949b5cb6fbecffd3a5837d85a176f1759951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 05:55:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 206213
etag: "35B0403C3C5AC915F6C73E135A428314"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SKBeFGyRDjzkvma26uWu%2Fl3FjCw4Z06PeLp7a%2FebEmQ9LxwdIlJfW9z%2BcnIZ8KUChj4gmVKePPrnwubbVUh0UUDvgYhdveMEEvR1BaDLGjQESnOpTU%2B%2B5RPLS%2BX9MSyVa2VoZgNtbyAPnmv72zOkuMopWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e4d3609-FRA
content-length: 80972
expires: Sun, 03 Dec 2023 08:50:46 GMT

GET
H2 200 lingzunzhizi_dongtaimanhua-aiqiyi.jpg
static-a.xgcartoon.com/coverw/ 82 KB
82 KB 814ms
810ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/lingzunzhizi_dongtaimanhua-aiqiyi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c68d446f318242cb483c1404fb248a100ef152a579492b23752b4427954a096a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:23:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "948315BB2FB857884F1561F688E6F27C"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ge7MEE%2FbkdN8UrCtXS8uVMPKQAPOtK6diWpPFbjPv%2FXJpOdRLOY8IFOuYceuhtD51v3fy%2BGMGxmz%2BAb7ABSiX5JhCIUmqcRJDBDKDKwl6Lr0qLtodPzjiZwHJMyRBd9snDyj%2B0WLvHixJ3%2B2BGkJ4H2bWmM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e4e3609-FRA
content-length: 83567
expires: Mon, 04 Dec 2023 02:26:30 GMT

GET
H2 200 bahuangjianzun_dongtaimanhua-woheningmengnai.jpg
static-a.xgcartoon.com/coverw/ 80 KB
81 KB 248ms
244ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/bahuangjianzun_dongtaimanhua-woheningmengnai.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41060dd159c926287487f50a2d8e583c8c72e6121d1f5ffdc626dc6cf6bf4efa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:25:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "A7D9B45ECA968201355BB03F8CB2FF18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jbXPOszOjZnyE51qBDJ1IRpuSjfDx%2B66WpLokWjq9o99Qq%2BoqIYZgN3YYN7Vw8VfBMGdo6Y4OdIUWlbZNg%2FvY1oUCXu0WDyPeIaQvwBB%2Faxt%2FayGfQ6nYlOXVIwc2cIzq5v7ZnnE9U7LWDhlv3%2BFdvP77A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e4f3609-FRA
content-length: 82157
expires: Mon, 04 Dec 2023 02:34:45 GMT

GET
H2 200 chenshuiwangu_chushihengtuizhutian_dongtaimanhua-taerxisidongman.jpg
static-a.xgcartoon.com/coverw/ 79 KB
80 KB 255ms
250ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/chenshuiwangu_chushihengtuizhutian_dongtaimanhua-taerxisidongman.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad8677457876f632db38d31886a4f65dfeb50037c421ed20a9918fe60293585c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:26:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "189EC241E3F4BF6B48B573CFB959DA03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHTNvYrtvZCxOwZCT5A%2F7TVYc3hwgWYbzzNtJqFNOolnjegHRJx6MpMVRowSxeYujjKMHJtRWS9DxnDl%2FLcgRRevFdIx952sEIziAHAzhCviZUxZ98dHnpb4c6uhQ%2F8EkWD5c67HPB3TLih%2BMX5OznOuqJI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e503609-FRA
content-length: 81101
expires: Sun, 03 Dec 2023 00:03:14 GMT

GET
H2 200 kaijuqiangwenliekounv_dongtaimanhua-xiangtianxigua.jpg
static-a.xgcartoon.com/coverw/ 81 KB
81 KB 841ms
837ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/kaijuqiangwenliekounv_dongtaimanhua-xiangtianxigua.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a343a1840f00a5db5891891069d57a2af26f4c1b80be9098252cadcca0b4e6bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:29:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "441C7D9C48ADD92C56645F75112A1835"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAah%2FvMwWDoz21N2qDGemjZs%2BwhPvpSPM5Hs7flv08%2FCmusOYKsNEb%2BtLmy0Vq4KkjiCZa98U5%2BCB8ZLDsE0g7GhzaqKEAMBkl%2Bwg9kiqb36hPYLtn1XTxUgu4N8Id2ia3eDHkCjc0GmYGVvDlNgmHd%2BXBI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e513609-FRA
content-length: 82987
expires: Sat, 02 Dec 2023 02:24:40 GMT

GET
H2 200 wangulongshen_dongtaimanhua-paipailong.jpg
static-a.xgcartoon.com/coverw/ 81 KB
81 KB 822ms
818ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/wangulongshen_dongtaimanhua-paipailong.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89f365a523630bea5ea3533ec5c06b7db2297d14ccf662fe90aeba69d9ac3158

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:32:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "39B918AEBD42D0FFC27FD6399F76C99B"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rC%2FzMw74hK68ZmKlUI%2Fy4WVvL9y72WLCGunqWIs5aWPCkXC5HPHpgX4tgRAwxQLvqD5Bp%2FAPTi3ODEY%2BJ0x8zcNWu53XdCCKlcOIFSWXiDfg%2BJ42x68d225WQ0whbKhfcepJhaGHKBRCEbJaTMfzxWMifos%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e523609-FRA
content-length: 82534
expires: Sun, 03 Dec 2023 22:51:22 GMT

GET
H2 200 wozaiyijiedeshishenzhilu_dongtaimanhua-neoman.jpg
static-a.xgcartoon.com/coverw/ 89 KB
89 KB 62ms
58ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/wozaiyijiedeshishenzhilu_dongtaimanhua-neoman.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f59a24724025aaa808fdcb5db803d2127feba310c2acf9acb0e5365b9a2b8809

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:33:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 159887
etag: "68B22A30E6B66C3A18BF426483A1D988"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49zWdauggJ84orZFZPnzfqwDJN0AYZGp%2FG7uK27CY3Bt5CxsSzox8cVgb13UEiQE9G8pWqvsDmxoWYJ9lOsT%2FCgwV8jCFwXhZvQmJpbvWn1MswW0X1wIpJ3bPp7tHwmv8i1FhUXC9PmrQ3dQZR5AaK25CK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e543609-FRA
content-length: 90958
expires: Sun, 03 Dec 2023 03:32:10 GMT

GET
H2 200 wosongkuaidiyoushenhaojiangli_dongtaimanhua4k-chuibuqidepaopao.jpg
static-a.xgcartoon.com/coverw/ 66 KB
66 KB 252ms
248ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/wosongkuaidiyoushenhaojiangli_dongtaimanhua4k-chuibuqidepaopao.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5af2b3c44d498d4ca737d2fbc0acdc882fc81ec81afc4c1b7d8548f9b52f64a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:35:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "BAB8ABA6F4F3ABBE8F4305EFABA84344"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVmynlvQuKR0rM8eVh7Ehs6P55akVbE6K5uGDpP5GKTi99grP4h4oyRg5ePggn%2FoBIKhG14V1QEufr3yHWkUVnSruNiAHMQZ07N6gp0H4VKzLd5mVUQNPGuWOBpNSK9hN2FoxC9Xv7Qq8KvU15EZnspC9GA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e553609-FRA
content-length: 67545
expires: Tue, 05 Dec 2023 03:07:34 GMT

GET
H2 200 zhanzhufengzhidajie_dongtaimanhua-manshengongchuang.jpg
static-a.xgcartoon.com/coverw/ 76 KB
76 KB 811ms
807ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/zhanzhufengzhidajie_dongtaimanhua-manshengongchuang.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1917b964380fc9d01d1e73a79c4d7cd4c0e9ae2a34ae63ddbcd65cea655e9a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:36:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7B438FF2C085D78C499DB5A0F124083F"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Zd2%2BMKzAwDKJLJDJQErRm2sJgnfEPZXoSGzSr5uG7FNu4Rby0okwE%2F8JRXra5wMf9AE7yEl%2BiIoD1jaHj0ZFVNLHNxanU3Lojv7Idu5EkIziLm3KNbOVSNn5NFIICewZAM6qsOyMAeS0%2FAR%2BupeyG5njPM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e563609-FRA
content-length: 77699
expires: Tue, 05 Dec 2023 03:07:34 GMT

GET
H2 200 senlinhaoxiaoziriyu-zuotengzheng.jpg
static-a.xgcartoon.com/cover/ 27 KB
27 KB 812ms
808ms Image
image/jpeg 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/senlinhaoxiaoziriyu-zuotengzheng.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7abe4ef543f967bd6fbc94fc40b81fd8a19428d105ba4d20d6f31783e81f74b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Tue, 18 Oct 2022 02:11:53 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "909670C9E71ED1B7F387FB0F463E740B"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUahrV7YTFeQsOqw2ZnQuJ0r8oE3eOa1DZVV995RUpCicU6TEwFrKgydA20XE81dsrbUtkcKfetk5jcGsTUNsSpCPcmhI7KWSPj1otanKA2%2BLkvTGK56QnA%2F5Ky84ekqQNqq%2F0LliJ9dWKHspPs0hX04MkA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e573609-FRA
content-length: 27507
expires: Sun, 03 Dec 2023 01:39:04 GMT

GET
H2 200 yiqidangqian_1-7jiriyu-datianhuangyi.jpg
static-a.xgcartoon.com/cover/ 127 KB
127 KB 782ms
778ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/yiqidangqian_1-7jiriyu-datianhuangyi.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7a1f2d2b3af5842dc4b63539230c2fdfef285afd76c1304d327daa0b51cd575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Sun, 05 Feb 2023 03:03:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "D12842BD1DAE25B413459A3FCFCC546B"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdgXLXztZtX3o2z4xA7Wzcl0lHWdk7B9lbVK4GlH%2BSJ2R7ZQYzywON1DMlZ0JhP864GsZPdAfXzaVbqKY2XLiUd9Bj%2BQaMDE0UpdC0SAKOwPj4EzFriTAx%2FpAuQNilrw9jvTAD5dTcDG3VCJEh9XO0Nv3n4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e593609-FRA
content-length: 129796
expires: Sat, 02 Dec 2023 00:21:26 GMT

GET
H2 200 shanzhangzhuonongdegaomutongxue_di1jiriyu-shanbenchongyilang.jpg
static-a.xgcartoon.com/cover/ 132 KB
132 KB 1014ms
1010ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/shanzhangzhuonongdegaomutongxue_di1jiriyu-shanbenchongyilang.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ed841005c6fd7c9bd183a289bb9e7bc9c7a85e90d370bfb9eb42f440b7ede73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
cf-cache-status: HIT
last-modified: Tue, 30 Aug 2022 07:44:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "17421E25008222EDFE9BCBCEF2ADF721"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJxCLDN3oTEbEGQeutLm6s4kpR4%2B8w7yR6ztElvEeTPelvhuHgkTa5cmGUDi44%2B5KYGTguCkYZY2cj38Hsj1s%2FrSEAsWK2gWhoBlWJJVVAqPlanLghCnOsIYvwx9irV7f6JJ3p4Zp%2FFHRVGXRGBU%2FpzmXTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e5b3609-FRA
content-length: 134813
expires: Mon, 04 Dec 2023 03:51:25 GMT

GET
H2 200 maohelaoshutom_and_jerry_yuanbanpeiyin-migaomeidianyinggongsi.jpg
static-a.xgcartoon.com/cover/ 2 KB
2 KB 62ms
58ms Image
image/webp 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/maohelaoshutom_and_jerry_yuanbanpeiyin-migaomeidianyinggongsi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94b0aa179f9950baa8375f953ee4a03b1606d0945ff3159dafa2c8bdcbb2d59f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Sep 2022 01:41:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 159886
etag: "E5E81A81EBECBC8D433B057AF25B6B0B"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcjSin5PmiwikEKlSo1jO6Yqef2U8kwQ2v7mmd4%2B%2FiJnBnxhlsVSBZehldilH3uH6E9qirbyf395M5HOl%2FU4ge%2BJG3ZFHPDbHwvMMSJ0K3V5r3GYlFQ0gcwsjwgLXoN7%2BdKWAdbxKw7ioEiNeNT6l1DVvxE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e5c3609-FRA
content-length: 1816
expires: Sat, 02 Dec 2023 01:40:04 GMT

GET
H2 200 dawangbugaoxing_di2jiguoyu-shituzi.jpg
static-a.xgcartoon.com/cover/ 14 KB
14 KB 804ms
801ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/dawangbugaoxing_di2jiguoyu-shituzi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54eda68a8d6e9cf6039971639882c4b78f652fd47545a11a66bffc39df959e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 00:57:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "478FA90B6BC5A45142B686383C3AF18C"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZkhEVzkcOph3hmQBntrprD9oYXdxd%2B5PcRvAmLIgBc5O%2BsgwRn1KwEsUt4aYZ%2FsCPm7DbPO%2F3gR2DR4oZMFaOs%2BTBfovK2hSScX1Ji5A3G7l2FnlPsUDs8GRqi8ICsGL%2B2OiwYZleNnCEXmWJodVrDSNFM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e5d3609-FRA
content-length: 13997
expires: Sat, 02 Dec 2023 03:02:42 GMT

GET
H2 200 ququbucai_zaixiayeguaiguoyu-yuanqiwadongman.jpg
static-a.xgcartoon.com/cover/ 15 KB
15 KB 808ms
804ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/ququbucai_zaixiayeguaiguoyu-yuanqiwadongman.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a97d3325c01891167615327fef9cd173ac264f69bf526c15af006ad27f99eaf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Sun, 07 May 2023 06:42:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "BEF514ECA2F8681E6F7AF4005C8CCDF2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFes5XQp1kp7wi90xrgD%2FYYi7qy%2BjHYQxOhcNmzgTKHyNqg%2BAwDYLB8s6MZnrSO4NrqhG%2BjwiYdng2s5W6hhupiTEUuXWEHbW1SzKZ%2FftKD5TmMZbEdGfXA2VE7a1FSOwBAIAFt4ClPAedAZY0S7Wkim2PI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e5f3609-FRA
content-length: 15000
expires: Sun, 03 Dec 2023 00:05:46 GMT

GET
H2 200 yizhichonghun_dongtaimanhua-kuangshengdongman.jpg
static-a.xgcartoon.com/cover/ 11 KB
11 KB 820ms
816ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/yizhichonghun_dongtaimanhua-kuangshengdongman.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbb41d948989c5c65e69966c145618e2db14c247ba6b92a6bb7bc62eb29ad634

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 07:07:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "C051EEA0B9C1600DB5216E34275CEF3F"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1ol2LSLnOhsEjzeECiZGNv2eSqiTqCkOShpTSE4RADyEa%2F6jjtItVuRK%2FNV%2BRQwf4z2Tu8Fo6vySf%2FiL%2FaW%2FnWNvsCBDEP53pvbepcYx8QL6TgduYILmWPyplci4XjE%2FTbPC1j%2BAKjJ8w7FguiiWHTJ25Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e603609-FRA
content-length: 10954
expires: Mon, 04 Dec 2023 23:46:29 GMT

GET
H2 200 wuxianwangzhexiaodui_dongtaimanhua-youkushipin.jpg
static-a.xgcartoon.com/cover/ 13 KB
14 KB 806ms
802ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/wuxianwangzhexiaodui_dongtaimanhua-youkushipin.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a5e8e47f8c822a6b6949d92a6ae8666a793ba1f1a208f19b9cc696d560852cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Fri, 07 Apr 2023 01:55:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "C8835D7A4279B9037D93823591E23FE4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGosqgyoFOVjful6VFxBC6DoNO%2BVJE41jjNm%2By31VLBRHkQXboJsYKGPZ3Yx5GTAIJ4Qq3y3XNtUyCPzbKiIdmPDbDouIJZXi3OD5%2Fzk8p4aBSwZWYUoXnoD02ob%2Ftkzva7vDTr7bktH5FJnvkv5lVawLb0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e613609-FRA
content-length: 13798
expires: Tue, 05 Dec 2023 22:55:04 GMT

GET
H2 200 xiudoumodaoshidiyiburiyu-shenbanyi.jpg
static-a.xgcartoon.com/cover/ 3 KB
3 KB 815ms
811ms Image
image/jpeg 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/xiudoumodaoshidiyiburiyu-shenbanyi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45aff63862b7a85a48741e816ce3b9fdc7e2ea725e1f5989ceb47f502381a4d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 20 Oct 2022 04:56:35 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "F9364CF22F7C8152E974F570F4242ED6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUBEHhcQQxsFipr7Yrd%2F12XyJO88V4SHiVxAliPFeICq5leGIf4qX%2FcXdmk5gFj0Lu8oKAHakezTWbED4xQMI1qkO5ahKod%2FwhYFD1dwDVlR43H3VbCYFJpcYS0fDAbkCftAvUI0bQ6nnTaJ6rf5%2Bbt8WFM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e623609-FRA
content-length: 2697
expires: Sun, 03 Dec 2023 01:39:06 GMT

GET
H2 200 fangyuquankaiguoyu-loujia.jpg
static-a.xgcartoon.com/cover/ 12 KB
12 KB 816ms
813ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/fangyuquankaiguoyu-loujia.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 326db4ba0a99427d55bb9b9c42decc77d1d07a925a3c0bede1ad8e1f511c82f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Sun, 07 May 2023 02:14:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "BF325C19368B0FE3C21FDC47FB7A32DE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQ9%2BYCv%2FDjemae6kf%2BT%2BCUVQRuUWFY9CuEavWAswzpvFJc5bmmyvcUiHRWT%2FNlTQWXMrf56ID6DiUDk3YBi%2FAtzbP3GGnbd3gVxsdZJlE%2Fhf3SZx%2BK6ivBZgsUKpg1GUMkSD5KUI9u311i3g%2F36X4LfrzpU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e633609-FRA
content-length: 12407
expires: Mon, 04 Dec 2023 02:01:15 GMT

GET
H2 200 mofajinshumulu-jinzhibo.jpg
static-a.xgcartoon.com/cover/ 3 KB
3 KB 858ms
854ms Image
image/jpeg 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/mofajinshumulu-jinzhibo.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1550cde0e7d219960e9cb08513b187557f36f8492494b8aa84722533baa675c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Mon, 15 Aug 2022 18:13:29 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "9190D06529D3D2F33CF12DC938567CCF"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGhrphdsK85KF43JTQ1zBQNEwvdksw3MaIZegyEcIEAx5%2Bpu%2FbLiWsLUcrD%2FPC75WJuZeVN68fwddutymIFqC3NY7mxXIHL6ypOlaYDvwWlM%2BNRmqwZG3Gj2uNBgfJljzCcvZ3zahxFAZvEfTLcOPfUDgOA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e653609-FRA
content-length: 2883
expires: Tue, 05 Dec 2023 21:20:49 GMT

GET
H2 200 yishijiemigonglidehougongshenghuo_riyu-suwoshechi.jpg
static-a.xgcartoon.com/cover/ 2 KB
2 KB 787ms
783ms Image
image/jpeg 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/yishijiemigonglidehougongshenghuo_riyu-suwoshechi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe364619ca5af89c1517dc71bb790c4b2fc8ad68e40828b73d35c01a057f2820

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Tue, 20 Sep 2022 06:49:20 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "C4FF63CA5522451C13043B0A23C7D8F4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atxHF0oOT2SkmoKVtP5cG86WMgkR0QPqVJa6r%2Bz%2BgBdUyg3rgrJIcguvZa3APB4LrPwRTR%2Bh0CtNrWLeVTJNRY14aW%2FOV5pbQpMiPIgdGZ6kgaENrX6fAIw1QDPHL%2BHUUJeOSnFfmETxecGAGYeeqUFVWBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e673609-FRA
content-length: 1896
expires: Sat, 02 Dec 2023 05:02:14 GMT

GET
H2 200 quanzhifashi_di1jiguoyu-guanzhenyu.jpg
static-a.xgcartoon.com/cover/ 13 KB
14 KB 809ms
806ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/quanzhifashi_di1jiguoyu-guanzhenyu.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4620eb8558321711185c5cf37ba11012a3d67617ab55060ce2ab0c7ebb1a5dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Fri, 05 May 2023 23:14:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "B9344F29FC35FDD5A32F6916143E46B8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQqm0Cg9D3BuUMulDWKIhjvI2K%2FyS3f3QUmFGShPe56oi6VCQYQRlOxAvtfQOUK79msBYO887qd8Vr%2FFXZn%2FMXbV1FVDcggWYbOMUifLjlmXvsCEd1LN5NcUaFmvW3R8k%2FmDSDnm4SFve1LwJ%2FZXCrhpn3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e683609-FRA
content-length: 13786
expires: Sat, 02 Dec 2023 04:38:36 GMT

GET
H2 200 fufuyishanglianrenweimanriyu-jinwanyouji.jpg
static-a.xgcartoon.com/cover/ 2 KB
3 KB 831ms
827ms Image
image/jpeg 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/fufuyishanglianrenweimanriyu-jinwanyouji.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6e1cc877a10a8eb6972d29ff997fcba4280ce42b896f3909cd932ba02fd5bfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 11 Nov 2022 00:33:12 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "2C07F9FCE1FF84CA15BF3FAE2284DF91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ety5J9tEE6e7JleolQxR%2FQH3WBCENVxRdji99eq%2BK370iVnLeM1QkJ86dF7mkZHS6oz1rKFUCTplf3ekJYmGDbhbJRwD9rDhTbGz8sJyFWObtQZezUUohjAMMlMcnl0rMj0OqkKY3Z0uF3S27LMiml9zgdI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e693609-FRA
content-length: 2390
expires: Sat, 02 Dec 2023 02:57:13 GMT

GET
H2 200 malajiaoshigtoriyu-tengzeheng.jpg
static-a.xgcartoon.com/cover/ 13 KB
13 KB 815ms
812ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/malajiaoshigtoriyu-tengzeheng.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c59cff9a64bddf2deaea3effeb952babb3a012d05e7b1d3ecde5212f7c17b9a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Thu, 01 Sep 2022 09:54:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "B643EC1285EBF7BEBB2FE21273DCA74D"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rshRatuVx5xDDqZWWI4%2FHWhW7EyJdfID95NDIAksVv%2F06BCA47%2FYsMtaFr5zmJRpOi3w9z82Mxo2qlUjw1gKsV09Z1zfvoYJZMeivUcKu67AY6ACd42X0R8JOQTKLNE1Kqil7D4%2FbnBRPXV%2F2nnZNw%2FZeE4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e6a3609-FRA
content-length: 13245
expires: Sat, 02 Dec 2023 03:16:05 GMT

GET
H2 200 meishaonvzhanshiriyu-wuneizhizi.jpg
static-a.xgcartoon.com/cover/ 5 KB
5 KB 256ms
253ms Image
image/webp 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/meishaonvzhanshiriyu-wuneizhizi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d42553a5c5c21454807af7cec2bc459c0dcb08728f1175db01d196b2bdfc8bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Oct 2022 01:35:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3E3669DCE08F269784F773A3A0BB30C8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DD4CrJJKpoxZEbmoDwlilUov6u3UWSGX1sMHaeVLWCVfQl2Q5llIkjL8ra2PPAcVtXzWopfgAXnnaR4wDZfgwxsqgki%2BJR4k2PZLpKHkqO1gE10ylmLt%2FPWs41a18SSaDvzHTpAkGUR54A3ueR2BLRCPr78%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e6c3609-FRA
content-length: 4672
expires: Tue, 05 Dec 2023 20:45:55 GMT

GET
H2 200 tianjiachongqi_zongcaifurenxiuxiangtao_dongtaimanhua_di4ji-baicha.jpg
static-a.xgcartoon.com/cover/ 5 KB
5 KB 806ms
803ms Image
image/webp 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/tianjiachongqi_zongcaifurenxiuxiangtao_dongtaimanhua_di4ji-baicha.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3523fe0bfc26b6aea6ba24d933045d533972c56d98371a9ad2f952afa3af4465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Nov 2022 05:42:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8B570B4703DC81B4249B18FA260FEB03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5SX1l7I9spupeBEothQECbFAY1Nn2uHCOcyfVg78B5SZUUXS6TP0OMbZQkuOVk0P2wnO9W%2FMTTHErkTz1fGvitZgAUd8GXkwwOKuS7QJ4AelzbDXVOGMB2I%2FrjBcXRcH1QlRCDDH%2BVd%2BwVV2q42xkJOvlk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e6d3609-FRA
content-length: 4728
expires: Tue, 05 Dec 2023 05:02:22 GMT

GET
H2 200 zhongshengzhinuanhunqingchongqi_diyierji_dongtaimanhua-akewenhua.jpg
static-a.xgcartoon.com/cover/ 14 KB
14 KB 832ms
828ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/zhongshengzhinuanhunqingchongqi_diyierji_dongtaimanhua-akewenhua.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 847677e364f632a14b284e72e3b92d136e77486f4efccb0e81aa6d62432994cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Sat, 15 Apr 2023 01:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1A563ACA7CEF7E855881649900046C24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3hn4yB0iOBHjNSJG6OMWO%2F%2BJljhktiIiTE1n%2BrWWOtefXXkxeflQHqu9AhUK5nt7nU8OL8IcVmKd%2BoNb8Xg0UiJRPhG0goJKq4H%2Bb2hT9k%2B5MqNHBuUZqaDREkStFFCn7ZlggEWs3pSOsLanK5h8vVTpbU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e6e3609-FRA
content-length: 13852
expires: Fri, 01 Dec 2023 01:48:29 GMT

GET
H2 200 huoyingrenzhe-anbenqishi.jpg
static-a.xgcartoon.com/cover/ 20 KB
20 KB 862ms
859ms Image
image/jpeg 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/huoyingrenzhe-anbenqishi.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beb41f5f31d4b2911ad91b5b7b05131f006837a6c2bba64dc0659266107431f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sat, 17 Sep 2022 12:00:46 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "5BEBF4DF6CEFE84525479C0D9499BF6B"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4IZMpgku%2FlUjxAYIU8r%2FcUN%2F2moFnK0poYCRJV6hRVhNZR53SKJ96rCYLjYoB7hmszF74X5IQp2Mw9RTrwhPoP3KodcO9EGXrq7kcBqTOgP8XHSGShCyYz%2BJcjHgO4ivXiSqJhOGPwoh406F8Ba2YGkuCo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e6f3609-FRA
content-length: 20074
expires: Sat, 02 Dec 2023 06:13:18 GMT

GET
H2 200 lingnengbaifenbai_di3jiriyu-lianjinglonghong.jpg
static-a.xgcartoon.com/cover/ 2 KB
3 KB 818ms
815ms Image
image/jpeg 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/lingnengbaifenbai_di3jiriyu-lianjinglonghong.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b497840fdc78d638af40eccc2c9fd9006670503964b7b8d7d84c5f8062ef25d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Oct 2022 10:49:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "79E4E799FC149BCB112B48BE58EA6B10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8jiB7j%2Fbr4S18TeuRPaKAqeVE%2BwNq9V67Ip1u7btOscbFkdiuJpQefBY87XBDPgxdzQnCeD7IqcgpFPxOxCvARjs61wwzNJWmpg%2BiJ1SMs%2Bz7GovLWonoF4utU0XyYM93DUWi3aBuzLvuclDZiiPV%2BKUu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e703609-FRA
content-length: 2301
expires: Sun, 03 Dec 2023 00:37:59 GMT

GET
H2 200 bulaizeaotemanchaorenblazarchaorenlibawangbuleisaguoyu-yuanguzhushihuishe.jpg
static-a.xgcartoon.com/cover/ 127 KB
127 KB 1325ms
1322ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/bulaizeaotemanchaorenblazarchaorenlibawangbuleisaguoyu-yuanguzhushihuishe.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d7e3dba795cc58a5bedbef6783f9e5151f51447f01b9e85e54bd16fb762cc15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 06:03:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0446BB7F702C0E60EC9D518B32F179A0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4UsnmEKQZvjORMMx5VONYxkC6eitpLbQNjsHx805dr6akrJN%2BmgNjNsXqogTLPL3zSDIJgB8TUaVAXzA5GubGHv2sHsvg7SMHPN5xdMmLa0EOu2Qs%2BQOhjTDNn22JG5aIzw%2BOVrKm%2Fd6sZoxE56EXBmZF4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e713609-FRA
content-length: 129743
expires: Sun, 03 Dec 2023 00:05:57 GMT

GET
H2 200 telijiaaotemanriyu-yuanguzhushihuishe.jpg
static-a.xgcartoon.com/cover/ 15 KB
16 KB 817ms
814ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/telijiaaotemanriyu-yuanguzhushihuishe.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dc8d4c8057500621917b3d88c33f534d917b03234c4716c04ca483e3dfdd69c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 01:33:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9484ECFE745A52D1CB3D1419C8357010"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZhhBOxgYeJWHtTAu9916LKVBCbnpeTa3dcosfmtHx7ZGPdK4vlYUE3ZiSAZkpQuq4EJPpZwEJ%2BNxf08qBw0HT%2BMZADZ49w5%2B735TkSVG%2FsYIcQxhEGny5soOKS%2FpJ8f9TY7rV0G%2BE9qYUUbtASeZj5QryY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e723609-FRA
content-length: 15613
expires: Mon, 04 Dec 2023 23:52:16 GMT

GET
H2 200 youyoubaishu-fujianyibo.jpg
static-a.xgcartoon.com/cover/ 17 KB
18 KB 808ms
805ms Image
image/jpeg 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/youyoubaishu-fujianyibo.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 753107f53fa7b6669aea9980a59cbbe59f0d21ded66bd2dabe9ddbc24ddcb2b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sun, 07 Aug 2022 16:13:54 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "D7C5BA4A4C08A7C3445732535D7FFF06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5cLOvdrtXICDwK9yoCIfrU2biIt47dMOwcHXothWpHt266Z1CW0%2FF76mzbEQMcySWjYDodvbq38i%2FATkg0tQu4UmGwcs0fOlyKgM1%2FE9uz5zJsgXonGuMV6Pw1jql21Ixbf%2Bmpdq5L7NeXor8WQaCZM6zQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e733609-FRA
content-length: 17505
expires: Sun, 03 Dec 2023 06:13:34 GMT

GET
H2 200 wanyufengshenguoyu-litinghe.jpg
static-a.xgcartoon.com/cover/ 13 KB
14 KB 812ms
809ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/wanyufengshenguoyu-litinghe.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3be69c4d77cd568b0c2d360918d62e86b33abfe1b08a2bb2c6993235a67d264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 07:15:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "D3F7A84E6AF7F1EEF2956FB7592AC66C"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iiw%2FDrkllzX3xJfYodmXvE%2F6aYQvSo70nTSV35%2FEy%2BMoI0tTm2pALa8K0sQLcyijx8r%2FSBgH6DT8yzFVbEfdD3TS5ZPamA38xm63%2FESIJ2vrTxwtqm%2BAHgmeofEFNGkRPHMAQI0mYPbcGc9csBDBXinZ7nU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e753609-FRA
content-length: 13324
expires: Sat, 02 Dec 2023 03:32:06 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012311171837000/v0/ 8 KB
3 KB 120ms
40ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012311171837000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9490f2bb8d22cf23953bd1cc028e6405f228e7918b18aa914fa8f56ba9db0087

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Nov 2023 20:23:44 GMT
age: 356117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2981
x-xss-protection: 0
server: sffe
etag: "c752a0bdfe6b8e6b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 27 Nov 2024 20:23:44 GMT

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012311171837000/v0/ 237 KB
62 KB 110ms
47ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012311171837000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66905b54cbcb4aad6d4ce03dba4a018cd9886cd6b92e3213fcb359f0dcb1ff3a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Nov 2023 20:23:58 GMT
age: 356103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63658
x-xss-protection: 0
server: sffe
etag: "3aab4475cf880e32"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 27 Nov 2024 20:23:58 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012311171837000/v0/ 12 KB
4 KB 102ms
43ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012311171837000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

600d54e614ecc2e8c06f0cb077d8973485f4abd2eb0b7e62815b1b173eeaedbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Nov 2023 20:23:44 GMT
age: 356117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3937
x-xss-protection: 0
server: sffe
etag: "53fc57f869c7e77f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 27 Nov 2024 20:23:44 GMT

GET
H2 200 mingzhentankenanjuchangbanhejiriyu-qingshangangchang.jpg
static-a.xgcartoon.com/coverw/ 76 KB
77 KB 102ms
50ms Image
image/jpeg 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/mingzhentankenanjuchangbanhejiriyu-qingshangangchang.jpg?w=780&h=376&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a9476ddc842ed2592539716ef20aa025c571793b66f9c23ac206d11aa52e76f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 159890
content-length: 77957
cf-bgj: h2pri
last-modified: Wed, 29 Nov 2023 13:02:59 GMT
server: cloudflare
etag: "4FFEE1300AD48B525CF8F6E3046C0AB4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wb1FB8e8GFEyFGH335YsMZd0F0T18iI94cJCRkmnT4VFXNs3VQ31Nz7%2BvmVZpv8g7TJ7W32PjErnUKJetgXj5WLZpQCeqtsYazWcOHrShW6iRQ4UlbauCi%2B%2BnqNU4p6gDxaMi4HD7K5FqWFkpSUf4dgFIpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad7fe153609-FRA
expires: Sun, 03 Dec 2023 06:53:47 GMT

GET
H2 200 jiandieguojiajia_diyijiriyu-yuantengdazai.jpg
static-a.xgcartoon.com/coverw/ 395 KB
396 KB 142ms
90ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/jiandieguojiajia_diyijiriyu-yuantengdazai.jpg?w=780&h=376&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c47d3627bd81682d8314d37d4e5f1f025ac1cb3be92bfff56bdc214791576555

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
cf-cache-status: HIT
last-modified: Sun, 08 Oct 2023 09:05:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 159890
etag: "249543CA39CA3B181E904028C2F0F379"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYpSS5NJ8pDna2ZfkRTjkva8Lv%2BDtAHHzTJgth6%2BELizBgyV0h0vmG8CxZgiaeppga0ltrAcrVr%2BAhUH6iG7NtIMZHry2tM4ZhVo%2B0nrN4kyRSbEiq%2FZ8oPavYqdj9xmfrP1scI%2F3C0nN%2Bhx1K1BKGUa0gs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74ad83e403609-FRA
content-length: 404248
expires: Sun, 03 Dec 2023 03:27:06 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 353ms
266ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_header&adk=807729522&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=1363681995&nhd=0&adx=436&ady=80&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2311171837000&d_imp=1&c=316989009714&ga_cid=amp-03o1Ht6od9_EwHhQPq89Sw&ga_hid=9714&dt=1701559141205&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=571&dtd=17&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bbaf17c8c30beabbf374bf96ec02a7aa68cf828859bd571b4cad450531a5471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13756
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: COfGvOHx8YIDFZaxewodzwkLkg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663415
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Sat, 02 Dec 2023 23:19:01 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 263ms
178ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_1&adk=1345413239&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x100%7C320x50%7C300x250%7C300x100%7C300x50&output=html&impl=ifr&ifi=2&fluid=height&msz=0x-1&psz=0x-1&fws=4&adf=842741550&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2311171837000&d_imp=1&c=316989009714&ga_cid=amp-03o1Ht6od9_EwHhQPq89Sw&ga_hid=9714&dt=1701559141205&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=571&dtd=19&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78c10bbe3c0f2a94ec98de44c61b6897f46e3fe6a0b26bb856dea23d072d45b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: -2
x-creativesize: 320x50
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13722
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CPDOvOHx8YIDFZ7_EQgdkQkM1A
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027454033
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Sat, 02 Dec 2023 23:19:01 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 602ms
517ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_1&adk=997395249&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=3&fluid=height&msz=1200x-1&psz=1200x-1&fws=4&adf=4107419727&nhd=0&adx=800&ady=637&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2311171837000&d_imp=1&c=316989009714&ga_cid=amp-03o1Ht6od9_EwHhQPq89Sw&ga_hid=9714&dt=1701559141205&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=571&dtd=20&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46d7354155ae38862dcff25e08d43c0ca18b2e719f64f2788484b867a360bd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:01 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 970x250
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13748
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: COvLvOHx8YIDFYZM4AodfoUFZg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027454753
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Sat, 02 Dec 2023 23:19:01 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 140 KB
42 KB 1902ms
1818ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=1425218679&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=4&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=3343197514&nhd=0&adx=800&ady=2269&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2311171837000&d_imp=1&c=316989009714&ga_cid=amp-03o1Ht6od9_EwHhQPq89Sw&ga_hid=9714&dt=1701559141206&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=572&dtd=19&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d8689ae269fb24a86254326a03a67b6e48e62356a6f087399890292fb7013a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 1220x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42992
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CIvVneLx8YIDFd37EQgdatwITA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 2272ms
2188ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_2&adk=665818911&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=5&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2267600489&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2311171837000&d_imp=1&c=316989009714&ga_cid=amp-03o1Ht6od9_EwHhQPq89Sw&ga_hid=9714&dt=1701559141206&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=572&dtd=20&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

069c783d4fca7be9b800a0ba42e5a3424d7845eb95fb517c099b51e9a15aaed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 120x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13701
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CLbsvuHx8YIDFYD6EQgdCzwJSA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351399041
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 140 KB
42 KB 978ms
894ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=3860582034&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=6&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=757795631&nhd=0&adx=800&ady=3232&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2311171837000&d_imp=1&c=316989009714&ga_cid=amp-03o1Ht6od9_EwHhQPq89Sw&ga_hid=9714&dt=1701559141206&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=572&dtd=20&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b853f904253eea1ee9d2ffca23881402056d2246200698f0c0942d1fba82ec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 1220x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43050
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CLej2OHx8YIDFcV24AodjO0E4A
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 1461ms
1378ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_3&adk=1395775898&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=7&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=66028269&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2311171837000&d_imp=1&c=316989009714&ga_cid=amp-03o1Ht6od9_EwHhQPq89Sw&ga_hid=9714&dt=1701559141206&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=572&dtd=21&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c1787e4ddda5f99fd058f8f0cb4a8a87329111c9d3b0210c6e2b12c6889d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: -2
x-creativesize: 120x600
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13697
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CJ3HvOHx8YIDFc4AVQgd2HMH0A
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351398969
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 140 KB
42 KB 2213ms
2131ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=1246061670&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=8&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=4291690939&nhd=0&adx=800&ady=4195&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2311171837000&d_imp=1&c=316989009714&ga_cid=amp-03o1Ht6od9_EwHhQPq89Sw&ga_hid=9714&dt=1701559141206&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=572&dtd=21&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f56d73323fb89dcf3512e4109510602cf73e7166d0071bbab3bd0b4a68f46a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 1220x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42904
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CNjUr-Lx8YIDFWQDVQgd7GEBEA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 2028ms
1946ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_3&adk=3382497679&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=9&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=387331864&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2311171837000&d_imp=1&c=316989009714&ga_cid=amp-03o1Ht6od9_EwHhQPq89Sw&ga_hid=9714&dt=1701559141206&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=572&dtd=22&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e1b215c343b9807e0c23892cbafe8dcd798ee9703fc7bc0f8138c281cda2211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 300x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13724
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CIHkvuHx8YIDFYgr4AodHGgOmA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 140 KB
42 KB 1151ms
1070ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=3639063491&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=10&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=2473948382&nhd=0&adx=800&ady=5158&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2311171837000&d_imp=1&c=316989009714&ga_cid=amp-03o1Ht6od9_EwHhQPq89Sw&ga_hid=9714&dt=1701559141206&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=572&dtd=22&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f141c6bafd6bd1a09ddc11737252ad4a2829b03d1eb05305c8749c87ea11ab19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 1220x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42826
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CI3z7eHx8YIDFce2ewod_XUGxg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 1733ms
1652ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=1451229007&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=11&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=366815570&nhd=0&adx=800&ady=6121&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2311171837000&d_imp=1&c=316989009714&ga_cid=amp-03o1Ht6od9_EwHhQPq89Sw&ga_hid=9714&dt=1701559141206&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=572&dtd=23&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28ef4eb615bd705c9a2e61a26253f0b1d6f9847611c5831a22f6a02e214f1ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 728x90
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13737
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: COLlvOHx8YIDFdwzVQgdKlULgg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324260118
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 141 KB
42 KB 1644ms
1564ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=2355133382&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=12&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=1713749083&nhd=0&adx=800&ady=7084&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2311171837000&d_imp=1&c=316989009714&ga_cid=amp-03o1Ht6od9_EwHhQPq89Sw&ga_hid=9714&dt=1701559141206&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=572&dtd=23&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7fef66cdf3503c933ce00ef00b584844bfe2431675ee20d96b577c50f33c2d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 1220x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43171
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CJDnjOLx8YIDFZg0VQgdL6MKOg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 1950ms
1870ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_3&adk=1043970851&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=13&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1198440276&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2311171837000&d_imp=1&c=316989009714&ga_cid=amp-03o1Ht6od9_EwHhQPq89Sw&ga_hid=9714&dt=1701559141206&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=572&dtd=24&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a70aad1891dd495794f63739962949a29063d70c502665f36923ccfac30d676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 300x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13724
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: COThvuHx8YIDFRRS4Aodz4UPSA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663403
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H2 200 container.html
2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 151ms
46ms Other
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012311171837000/v0/analytics-vendors/ 2 KB
886 B 39ms
39ms Fetch
application/json 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012311171837000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Nov 2023 20:23:47 GMT
age: 356115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "781294643f3bbb4a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 27 Nov 2024 20:23:47 GMT

GET
H2 200 ga4.json Show response
www.xgcartoon.com/js/ 4 KB
2 KB 289ms
287ms Fetch
application/json 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
AMP-Same-Origin: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 10:49:40 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"11d8-187c255423d"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: max-age=180
accept-ranges: bytes
expires: Sat, 02 Dec 2023 23:22:02 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 132ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=9714&cid=amp-03o1Ht6od9_EwHhQPq89Sw&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2F&dr=&dt=%F0%9F%8D%89%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1701559142&sct=1&seg=1&_et=1000&gcs=
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xgcartoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3884 6 KB
3 KB 47ms
46ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:02 GMT
expires: Sun, 01 Dec 2024 23:19:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6B2B 6 KB
3 KB 47ms
47ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:02 GMT
expires: Sun, 01 Dec 2024 23:19:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4F21 6 KB
3 KB 48ms
48ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:02 GMT
expires: Sun, 01 Dec 2024 23:19:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6279 6 KB
3 KB 45ms
45ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:02 GMT
expires: Sun, 01 Dec 2024 23:19:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A906 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:02 GMT
expires: Sun, 01 Dec 2024 23:19:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3884 24 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 213790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Nov 2024 11:55:52 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 3884 25 KB
10 KB 137ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a59fe09536585382f18253eb140f8afa5b757c57875b85338a0d424f9bbf521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10296
x-xss-protection: 0
server: cafe
etag: 10555706313733798343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3884 202 KB
64 KB 148ms
61ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6B2B 24 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 213790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Nov 2024 11:55:52 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 6B2B 24 KB
10 KB 149ms
76ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e954813012e1c331127bedda4c895b6f95413719025ea76e0bf50d69eb7a83d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10238
x-xss-protection: 0
server: cafe
etag: 7996755800762399673
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B2B 202 KB
64 KB 247ms
174ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4F21 24 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 213790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Nov 2024 11:55:52 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 4F21 24 KB
10 KB 162ms
95ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc83786b7989b9475c1f54bbd73c681758fedbb9e0be644d604ac3dfd97f970f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10243
x-xss-protection: 0
server: cafe
etag: 5790664850992741384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F21 202 KB
64 KB 251ms
184ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6279 2 KB
975 B 133ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 23:15:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 6279 2 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11812
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 6279 24 KB
9 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11812
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 6279 3 KB
1 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:17:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 6279 20 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11812
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6279 202 KB
64 KB 184ms
129ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 6279 37 KB
16 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 10:09:15 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 6279 19 KB
20 KB 146ms
39ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQC21pg6-ou2qV7vmW3SKpXIsF4A7C5P8IZb9tHa905MLIFfYzV3mU0VguTsQ&usqp=CAI

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82b91c403bb4593185c877340c69d6b279f57903e9ebeffac57536b748058d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:10:39 GMT
x-content-type-options: nosniff
age: 281303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19478
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 05:18:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 28 Nov 2024 17:10:39 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 6279 28 KB
29 KB 147ms
39ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRfL3rq18n9KAN47vssaSeXbg26Mozm1-W6w1Bzr-JaWh1R5xoxY-M_wbNvJg&usqp=CAI

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

628c59f981225e7474edcf942e8ee8cccb89278b83750e4c8006aa75d7f9dc52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 05:59:33 GMT
x-content-type-options: nosniff
age: 148769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28680
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 08:02:34 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 30 Nov 2024 05:59:33 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 6279 32 KB
33 KB 139ms
39ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQfrEK6R0YDY20I9r1XJCowuTECuast6twW-JhoqXgJKErjNuV96OJvm7Pmi1c&usqp=CAI

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44d3841af6833efbffb0cffba7ad72c14c7e398d2ad9a600bff96f888dde894d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:15:47 GMT
x-content-type-options: nosniff
age: 79395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32945
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 05:29:30 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 01 Dec 2024 01:15:47 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 6279 25 KB
25 KB 187ms
80ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRNQ0-2xuZfNh2P99WmmEKD5vr3HPj7nmwR_MifsG6Cvpd8kvrtoDm6FA1-qWI&usqp=CAI

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9b1eb15c0ab4bd7c37458f34ecce3d1fafc4c7837bc8d406af18cf1a6ce2f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:50:59 GMT
x-content-type-options: nosniff
age: 192483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25620
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 07:16:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 29 Nov 2024 17:50:59 GMT

GET
H3

200

4558490222349370582
tpc.googlesyndication.com/simgad/ Frame 6279
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODYxNuVDxDGCxjGCzIIQz3-g85c2Yg
https://tpc.googlesyndication.com/simgad/4558490222349370582

16 KB
16 KB

40ms
39ms

Image
image/png

2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4558490222349370582

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b960232209a48625cdde26c939de1bcfcbe82d31a7ee6960addfb3ecb34897f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 12:50:05 GMT
x-content-type-options: nosniff
age: 296937
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16641
x-xss-protection: 0
last-modified: Mon, 09 May 2022 17:37:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Nov 2024 12:50:05 GMT

Redirect headers

date: Sat, 02 Dec 2023 17:14:26 GMT
x-content-type-options: nosniff
server: cafe
age: 21876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4558490222349370582
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 2024 17:14:26 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame A906 24 KB
10 KB 107ms
60ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b7a2f2750bdf4d04e198e8fa34175b5ecdb0cd76f9ef6f848692202a212f274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10243
x-xss-protection: 0
server: cafe
etag: 10458776054978485086
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A906 202 KB
64 KB 198ms
152ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A906 0
438 B 77ms
77ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8Y6C_rU_i7jJ3cc1_cY18-1SPUIW2Zlbt1RmvMIp10t93YPySNcQ7hNJz-6XyquDD8Cwmlab2eXASLY9Id_zRd_IOvq8D_uzSGskugFqr-1CRtmW98tS85Hjmm-tIluzo-Pwt1sjqsI3aHsikl8dhwngjy4IYtrBRVGUlYELCMbYnJOFhlJcyyJkL6YxF_27erNa63Um3gzZg-R52qANs9Y8u73OH7wUpLOqHUZ1aLuRED28b4iEj5BPhwTeCef9f6yNbvwISeuAGx3d1Y0tyKiuaykc1qBrBFPPOTN7udnnJWCS_pfvOI1tl3jbymSzN5JlyDPChZ8JI9nNCpDDaSw7yjGCZJZMo1USqY2cxsJ4_UVWGLZdJRmlFgFlTDknF22Q&sai=AMfl-YQqVQViunpBjFegiifJLX72tjbBuf5Z_LlNVtbPCMTqJKidGy_Z7rtf64JqWWv2ghw1W5e9pfkncENUQxj6Re95W99-4KOgqw&sig=Cg0ArKJSzHOBuq3h9Oh9EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3884 0
292 B 76ms
75ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvY-Gd9AChzIXuwq_EMEtlqNgB0ZGiqQbjrZgGe36AJtjn81ZQGwBOUQaZ2xQPsVA7_8QPk-SSqaWFgmIDGhtSaERBJ12sZjRlMF4soEi2VORquybzvODD80lgt9EKsRM_gq3YxCVcxLVPKcqvoaFF7NZsd55FuI_jXN6vqPfzhmltVTCs3rBKuRIdTCBABlzrV6nb0YXBm_IWzJQ-yGkd8b153qM_WVp-Vm_el44PMoK4Hlel2TjyJkzgOhPRN7TLSjfeUCXt0gICFHjom7-iYrxNLigQHNxwIwXsfFQ_AnBpptMwHCx1yj2K2sCSdPQ79hFp_Zt72c0sIn7fB1ZgFJzV03qjqqejGbTPjuysd4fPnp6B4Xls9z770O1lCf1RL7GbT&sai=AMfl-YRn_Xy1F7bc7iwyiQ1JGTgDXqVDXw_5lt3YZABjUu9wKWrl1JL-QRVcZUm7NmR8Ej-s-xQ5BAk7lIRHcruqD7MmNlJ7ACnLkA&sig=Cg0ArKJSzCMRGxXVvnKTEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6B2B 0
291 B 75ms
75ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0kUaPzjK3Zw9LMWbvorSOSac4Dm2MMvZo8_4j9snlC7vMTxnvSta6FCksD7Ftst-EqpVvX7PmoCMo3K5X_0pj5Dq0NDughJV8l-9LdZP0G2Hq6dEcUtUevAkIMMnZb6LQKS2EGtGZyy5R8oCLKuSCI4VQHPTTElTFvI7oMhz-ejbO5cgBxkiSjf7frPA5OAgeUMkMbG9kx3lFWjtTM8PingcPFb32D4KePeZHMP6QMuCPsUwAM0FGmTnJHFE_ak6sPSqsq3YhKGAQ9uGuATM3T12HlJLskjmjjXZX077OLcar577UC4QDi0oeJs-khRPI-Y68uH2nK5fwsGm-FWgPNTI4QB-2PK8FdueocB769JcOZ-MHIVq2pNoSCab4nQfINZ4&sai=AMfl-YSlNUEwItuVOKnLmsM3KIkxmtnCiNtX2_GiDhwACuExn90CQh4AIjcCTs9z9gRjpuTsdY1T_L-df9fcXYRUFs4pSQnjFqw-xg&sig=Cg0ArKJSzEIZDd0PTaAyEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4F21 0
292 B 77ms
76ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJIAQ513ijXnfs-14u7T1ubOos1r86uvQcfDdCAE7HIuiTH4yvMUpGAQ1gjQyM9N4nJ_lO6PmGyy5GgOnzuSkk_wWUm0ggZ-uGWT0dI2WyVT-kJMMbtCfTX_UqeGWLCkPudh66rsDkrixATRajQw6LEU2FhiEiFQwAaq2FQKXveG2AvrtgEmPwKlEqKP5lUBkbZWz82fxyl3DGvdmnZL8qvixisjT_wfjgZAhK7K8nOH2Lwfw8yj7dfK9FVYJ5nbbu_atMZRAiOgXXG0FXB4NPuXIKS16rlBsER_MM7mvtL6Zfox6nb1of2pxYI0DEflvsHQzHGcakpwSs-TT4aSRl_dz74BKo-8v3xsEdziSr_OjULhTMDBMnWfRrHZ_28Mv1x-WK&sai=AMfl-YRAB9--NKKxXmbMlmX_iGQ_l3YDb6vxM6-t_ZDVch6QtRuiWmly4MsM4rDR9R0-I5L4KEEpn9bMjIAyfgaRmtBgx_s0nOuPyQ&sig=Cg0ArKJSzBLKrYKfzyDGEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
DATA 200
OK truncated
/ Frame 6279 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc4fb96d0938f6229193dbc764d0937314f28f6d7df9e114eb53372a81887c66

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3884 147 KB
51 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98f34f9e068e359978b77bfc2651e28b7a57f0e2e8cafce8f8e05a85eeaa8bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51621
x-xss-protection: 0
server: cafe
etag: 4680564770734413637
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A906 150 KB
52 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b96a74ef0cb12738ab70fba6392b32a09edba598e1f28cc55d5213d5ec1ef80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52728
x-xss-protection: 0
server: cafe
etag: 1791182285138355360
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6B2B 147 KB
51 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff4e788fb849ce165ef44bff2cf61408a33936556fe11e5a3a5ff890ed462354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51681
x-xss-protection: 0
server: cafe
etag: 15281420547118822920
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4F21 147 KB
51 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93a50b8330760b424485c8041922962a2bb82a9a97db683c186d114a434dd0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51614
x-xss-protection: 0
server: cafe
etag: 1297400562454704898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:02 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/ Frame 3884 398 KB
134 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com&bust=31079889

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e944cb821379d14043028244b6d377895525bd899326c5229dbb7efa1c11481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137521
x-xss-protection: 0
server: cafe
etag: 10598258900527970088
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
DATA 200
OK truncated
/ Frame 3884 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 592eeef01cf487643966daabb34296ed16931963aa1c3e2de4f817934958bba1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame BDCD 9 KB
4 KB 124ms
38ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:10:45 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 21:10:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ Frame A906 398 KB
134 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com&bust=31079860

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae34df2f34c71a859303579488adbc712670934b93f40fa108b9b9247e3be14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137666
x-xss-protection: 0
server: cafe
etag: 17511720679511033815
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ Frame 6B2B 398 KB
134 KB 110ms
110ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com&bust=31079890

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ead55e5b5d6daaf000e369206ee0dde082ee6cc18236705f1d2f878bd82af0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137566
x-xss-protection: 0
server: cafe
etag: 1161350971312175888
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/ Frame 4F21 398 KB
134 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f6b626d7aea971ac58c2b27b2493ae310be28a21486ade869f5f64f1569106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137525
x-xss-protection: 0
server: cafe
etag: 5461755492598770907
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
DATA 200
OK truncated
/ Frame 4F21 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92da4c99061d1ea0e284c70e3c6c7770639340e5014178ef76590eca3e1b8d10

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 6279 20 KB
21 KB 125ms
40ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:20:48 GMT
x-content-type-options: nosniff
age: 50295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 09:20:48 GMT

GET
H3 200 container.html Show response
2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 38D9 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:02 GMT
expires: Sun, 01 Dec 2024 23:19:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 12E4 603 B
112 B 538ms
538ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142860&bpp=124&bdt=158&idt=317&shv=r20231129&mjsv=m202311290101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3008546054&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42532604%2C31078301%2C31079889%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072%2C31079890&oid=2&pvsid=1611315753300357&tmod=1858562904&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.fq87ks6ebzlh&fsb=1&dtd=323

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com&bust=31079889

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F4C3 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:02 GMT
expires: Sun, 01 Dec 2024 23:19:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 38D9 2 KB
662 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 22:24:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 38D9 2 KB
822 B 38ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 38D9 24 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 38D9 3 KB
1 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3686
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:17:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 38D9 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 38D9 202 KB
64 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 38D9 37 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 10:09:15 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5752 38 KB
16 KB 472ms
471ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142880&bpp=127&bdt=128&idt=323&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=3392804194511494&tmod=396155073&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.grqz887m1ms0&fsb=1&dtd=329

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com&bust=31079860

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d825f39281584355ff730de12a756c27c13b757b1ea7fec94e3a78a0cbd1472a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16164
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 38D9 19 KB
19 KB 41ms
39ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQC21pg6-ou2qV7vmW3SKpXIsF4A7C5P8IZb9tHa905MLIFfYzV3mU0VguTsQ&usqp=CAI

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82b91c403bb4593185c877340c69d6b279f57903e9ebeffac57536b748058d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:10:39 GMT
x-content-type-options: nosniff
age: 281304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19478
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 05:18:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 28 Nov 2024 17:10:39 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 38D9 28 KB
28 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRfL3rq18n9KAN47vssaSeXbg26Mozm1-W6w1Bzr-JaWh1R5xoxY-M_wbNvJg&usqp=CAI

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

628c59f981225e7474edcf942e8ee8cccb89278b83750e4c8006aa75d7f9dc52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 05:59:33 GMT
x-content-type-options: nosniff
age: 148770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28680
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 08:02:34 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 30 Nov 2024 05:59:33 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 38D9 32 KB
32 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQfrEK6R0YDY20I9r1XJCowuTECuast6twW-JhoqXgJKErjNuV96OJvm7Pmi1c&usqp=CAI

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44d3841af6833efbffb0cffba7ad72c14c7e398d2ad9a600bff96f888dde894d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:15:47 GMT
x-content-type-options: nosniff
age: 79396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32945
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 05:29:30 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 01 Dec 2024 01:15:47 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 38D9 32 KB
32 KB 54ms
53ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQU08JUZL7O4yAPEwaI_BIYOWj61Q0GpsELpL18gpOSzKwxhBTok4rsF42xrLQ&usqp=CAI

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d695e62a2f6236c29b6140648edf58d03a448cf69444431114dfcb8db866b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:37:59 GMT
x-content-type-options: nosniff
age: 2464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32979
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 04:04:09 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 01 Dec 2024 22:37:59 GMT

GET
H3

200

4558490222349370582
tpc.googlesyndication.com/simgad/ Frame 38D9
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODYxNuVDxDGCxjGCzIIQz3-g85c2Yg
https://tpc.googlesyndication.com/simgad/4558490222349370582

16 KB
16 KB

38ms
38ms

Image
image/png

2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4558490222349370582

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b960232209a48625cdde26c939de1bcfcbe82d31a7ee6960addfb3ecb34897f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 12:50:05 GMT
x-content-type-options: nosniff
age: 296938
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16641
x-xss-protection: 0
last-modified: Mon, 09 May 2022 17:37:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Nov 2024 12:50:05 GMT

Redirect headers

date: Sat, 02 Dec 2023 17:14:26 GMT
x-content-type-options: nosniff
server: cafe
age: 21877
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4558490222349370582
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 2024 17:14:26 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0B21 47 KB
17 KB 436ms
435ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=38340408&adf=3173046730&pi=t.ma~as.3654094576&w=970&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142910&bpp=176&bdt=190&idt=318&shv=r20231129&mjsv=m202311290101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=0&ifk=1968852388&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079714%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808149%2C44808285%2C44809072&oid=2&pvsid=69011117150141&tmod=2117529104&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.5v9zu1yyyx6q&fsb=1&dtd=323

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecad017aa512feedf86b2798998865ff2bddef1dd14dcc721a8087eeec379a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 17302
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FB01 38 KB
16 KB 457ms
455ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142907&bpp=162&bdt=191&idt=338&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44798934%2C31078297%2C31079890%2C44807751%2C44806139%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=3717604420102411&tmod=1335754690&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.n5zm4apcpr46&fsb=1&dtd=344

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com&bust=31079890

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa38202328d0bb7b258008fe81806fb43a51f270997326fe03c19724868bdf3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F4C3 24 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 213791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Nov 2024 11:55:52 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame F4C3 25 KB
10 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20bd92c1a6ef92eb120d689481093aa64dc6121a5b610f44ee047cca4d2fa43f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10282
x-xss-protection: 0
server: cafe
etag: 13329867870509513735
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F4C3 202 KB
64 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6279
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CwiuuZbtrZffcMMXtgQeM25OADoqCg8t0vor4m_ARo56d6v9AEAEg08vOMGCV-vCBjAegAeiv7IgDyAEJqQKHFnI5ikKyPuACAKgDAcgD2wSqBJoCT9A_jWQqltu0Om0_lWfAgEyZhF9c...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223122169606984456211%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%2...

0
0

159ms
75ms

Fetch
text/css

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223122169606984456211%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223795069502716123441%22}&andc=true

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3122169606984456211","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"3795069502716123441"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 23:19:03 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 02 Dec 2023 23:19:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3122169606984456211","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"3795069502716123441"}&andc=true
access-control-allow-origin: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 154ms
74ms Preflight
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CwiuuZbtrZffcMMXtgQeM25OADoqCg8t0vor4m_ARo56d6v9AEAEg08vOMGCV-vCBjAegAeiv7IgDyAEJqQKHFnI5ikKyPuACAKgDAcgD2wSqBJoCT9A_jWQqltu0Om0_lWfAgEyZhF9ctiFdJZOLGaO01JsiTmgAa9P03vXOyxX82wZNziJvMZuezJgontoIfo22s-e0hYJ_Pk6cynj0v5zcYh2JS6fV5EVkn5WIcN407VIscmFLiCRdkwBk1hSCysTssnLC4r7jeXPAteFaKZc_3o1l0UgmpQzketcdCyrMS1jRZILGS51CWZvrNHtaT47MLMhJJXH0TOa8tLl4jMasDxb09Yt56jSYNtb_gyDyDdWZg3GAW0Y8SmiKB1IYvN5T9hM3qjzcdo10niNsIHNizAwl-v8Qjf_8PpkNsVhj_vihXwjD94K03LKRcm-xt5F_bYRMUFYMCkriaZUXNk2qQtDYmCBfqyZA3woMwAToqvT1wgTgBAGIBfqp7JFNkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4DQk3eoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQt-MC0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljwqrzh8fGCA5oJHWh0dHBzOi8vd3d3Lm5lYnVsdXMuYml6L2RlL2RlgAoDyAsBogwUKhIKEOS0sQLutbECtbixAru7sQLiDRMImtq84fHxggMVxXbgCh2M7QTg2BMMiBQB0BUBmBYBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=bc08kRcM76Y&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwDICaaNvR_nHyXjFdMl2nj2GwXj3dzWCnSMDxgB&template_id=494&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 23:19:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame B9C9 50 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:50:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 22:50:20 GMT

GET
DATA 200
OK truncated
/ Frame 38D9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fd18ac3832da24efa8c6773ce9364db6b8f2098752e92ab07a2183be16b23ec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 869A 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:02 GMT
expires: Sun, 01 Dec 2024 23:19:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 38D9 20 KB
20 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:20:48 GMT
x-content-type-options: nosniff
age: 50295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 09:20:48 GMT

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 115ms
75ms Preflight
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CruHZZrtrZYuKOd33x_AP6rij4ASKgoPLdL6K-JvwEaOener_QBABINPLzjBglfrwgYwHoAHor-yIA8gBCakChxZyOYpCsj7gAgCoAwHIA9sEqgSaAk_QuQ743AXILw4AVOFDVxLo4ZtaqlR8E_RZ76sY8TxzTSFkAMtVWzxMBHG1tdMQOmavleO5lVra6ZlkpRz5D7JiMLEgHhcg5Q6yN6u5itfJDvmN8-trWduh9uDiRSeOcpcpaSOg4Kl9855JBxWt3dA0xZa7mzIDga8SnV7CP2zJOMJHqUAREqupn7ghAf6_EH0RUmrJVg9f7QDX2GPJfIKbXdTw8jX-LDx8TU_MBqOh2Im8ifc0HuW73Wu4AGzgTjuTZZg1tG7h1V7Pec04SaM3rbxf6I52yjr-lWK0tSt6TNWXatNUciXFL56uQrKB2PTuXbeSWnIc60xC0IoEg4n2VebGL1f3UTDhDNF2r46VoAPxNt96utmUlsAE6Kr09cIE4AQBiAX6qeyRTZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeA0JN3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEKKDA9IIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYk7y-4fHxggOaCR1odHRwczovL3d3dy5uZWJ1bHVzLmJpei9kZS9kZYAKA8gLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQLiDRMIquS-4fHxggMV3fsRCB1q3AhM2BMMiBQB0BUBmBYBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=T65ubLgIVDk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwDICaaNsMO10huGmu7zYAmq__LX5Cb42jcW4xgB&template_id=494&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 23:19:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 38D9
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CruHZZrtrZYuKOd33x_AP6rij4ASKgoPLdL6K-JvwEaOener_QBABINPLzjBglfrwgYwHoAHor-yIA8gBCakChxZyOYpCsj7gAgCoAwHIA9sEqgSaAk_QuQ743AXILw4AVOFDVxLo4Zta...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212759020497313085632%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%...

0
0

159ms
74ms

Fetch
text/css

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212759020497313085632%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214144658280366429569%22}&andc=true

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12759020497313085632","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"14144658280366429569"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 23:19:03 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 02 Dec 2023 23:19:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12759020497313085632","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"14144658280366429569"}&andc=true
access-control-allow-origin: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame ECB9 50 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:50:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 22:50:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F4C3 0
26 B 76ms
76ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9DSOZaUXGlfq29mOClU2_lg0USzaDC2qqfW3hdapZ3xm4BZLs1E7lmrhldPefe4RZeIO0Yx_0E_pSxvoiKaRCy4iwVb2oL0Q44DnC-YT6OESm7S9Rs2pYWfqHai95XqNvKCBG8T6EANs266nNMV6Agz7xn_66Tc5GZ4WiQ9tqiQLzo-PES1jz7OCD5itLUrxvJKN2qZAb_MzEm8jXIMGt-7ywUxMOXweIWRsmU7NerggVLGyj_vkCcDn8fE0Gx2AG6dZW_Vsd8wagQyg1kSBaYdzDbD_JRiPvCnf1Q456hCSmv82Wife0J5pKTDkwrvlCzjZiIbaoZpUpB39XLT4gda1L6kU6oqCgOlsAYs-JfevtkdNK-JwNkbrGQgvhtDItiW8&sai=AMfl-YRg6xFUFEAtw362_-GI_WhSx7H37buZCvVKJ0sPRwGEBtBBNtW_nwivOUVpKrbd2km253OF7W5I45Uk_7q3Dup3R3CIXoNHMw&sig=Cg0ArKJSzNfV8crS7yFMEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 869A 24 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 213791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Nov 2024 11:55:52 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 869A 24 KB
10 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc83786b7989b9475c1f54bbd73c681758fedbb9e0be644d604ac3dfd97f970f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10243
x-xss-protection: 0
server: cafe
etag: 5790664850992741384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 869A 202 KB
64 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F4C3 147 KB
50 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e51eff2e288772db84286a39878efdf29318f5c5ebed1d11a80db41416ecdae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51616
x-xss-protection: 0
server: cafe
etag: 9968619833342435989
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 869A 0
26 B 76ms
76ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRtF03DEIodMkOhArxWuMeUNlpyn84si9-PLC66alh9XF0CSU-FP3wIx75OmXYum7O6KlEZIDj050rN6XesU93VMnopJNbaGPsk49UWgIJIKuqfiX5DPtzmTvlaUGABqOq-U274NeRl3EMSp6Pu-0KT0BCPwfa7rmvZMhaXGbNFPgrfK00l65CvkLBUMKnwk6T13hMbi9R5r_XXxRHVQTGSZ6WKU1rpG0801ILqJJMpJN_9y5SWbvkn9LJPcmjOKpc1sxsmZxaytDgjeNaRyqMQBZpa_NQ27HNoRI_BAFhhGIedtYAbCREOjnmt5M9BHGAY29Y7QBfjexGiRmm_mxQdYHR85PNyMRXnY39eB4731fsyNZwqVqEu8ongwCiTB-n-RI&sai=AMfl-YRrkjk5WFFS7vgnjt5_A309Q5DDyHNZa7HLv1DonHBv-Bqa97yIwQMG6JNQNc5TLb4lTCZZyg8wDnGRw-TfpNZ3ARGn0FMM5A&sig=Cg0ArKJSzNA1FqXr_7QrEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 869A 147 KB
51 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9c699e493c5843b90687dff18defbac291c039548e7a93a05faa3ee975de382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51684
x-xss-protection: 0
server: cafe
etag: 18245732622557771937
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/ Frame F4C3 398 KB
134 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f56b85ba4801d4d46745fc28d6e4df93c75a765335d069ddd081be7dbff6698b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137521
x-xss-protection: 0
server: cafe
etag: 5338754421821612839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ Frame 869A 398 KB
134 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25d71f28c86f0cb0fce5270aad334c29e34f639cbc26f3a669ef1f7b48fd15de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137573
x-xss-protection: 0
server: cafe
etag: 14114856322252776332
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H3 200 container.html Show response
2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F0C4 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:02 GMT
expires: Sun, 01 Dec 2024 23:19:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 166ms
73ms Preflight
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 23:19:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 162ms
74ms Preflight
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 23:19:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame F0C4 24 KB
10 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc83786b7989b9475c1f54bbd73c681758fedbb9e0be644d604ac3dfd97f970f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10243
x-xss-protection: 0
server: cafe
etag: 5790664850992741384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0C4 202 KB
64 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F0C4 0
26 B 79ms
79ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjJT0bfpgCrjHO0tjwKoMikSxeA_C52cKz1gDN8ZfQtaOmpz-oRkW6wDIWn-aWsQOvDyc9-g-OeMu1_xpqheD9UdZjakh9jwbPaxXpBmvydo3zVctk5rosD-kn8qa1QWnFefZAO6SSCwmdcApi0JMnSKG1nknpdQBqp4fXdTdaOYTCxQjDCiZYuboh31gwCB75kqAKViv0FD0AO4Km0gTcfADyF7TIGEpeYEpFz1ZTZyjVG4ILSWbcoaUNA3pxLRu84dGYmOeloUfWwpgZ6K0mUvfBW7hli8JnLCEntrD9yhijsjX6qW3o212_qf2xSaZqHQmnzdU9NL_4YWpse87qJWI0qsKwt-vxRrvSueYCHKE8QDZN2WS-pQVDYJKM9gphFiI&sai=AMfl-YTcjK3FSTDLZHiTBvAf6bfaqa9hBus3T_POVHHhIAa2-G7Ey9DAXavtdtmpBhoTf-4FSf1q4iC5-IpdDurYrjP6kpOdbxSgxg&sig=Cg0ArKJSzDnXVw45a5b1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
URL: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EB90 603 B
65 B 420ms
420ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046726&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143345&bpp=125&bdt=103&idt=240&shv=r20231129&mjsv=m202311290101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079714%2C42532524%2C44798934%2C31078301%2C31079861%2C44807764%2C44808149%2C44808284%2C44809071%2C31079889&oid=2&pvsid=3711935980509958&tmod=2237344&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bvgqzfh2vvp0&fsb=1&dtd=245

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B3E9 48 KB
17 KB 429ms
428ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046725&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143397&bpp=97&bdt=58&idt=201&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079826%2C31078297%2C31079890%2C44807751%2C44806140%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=3811779048352786&tmod=755990261&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7ia8c5vudbih&fsb=1&dtd=206

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f869ae348d57e23d9f35232f1a38322b607466533bdf10ece58954a36eab8fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 17860
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F0C4 150 KB
51 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca95cc065d6e6ad82de4f20aae8f26efa4b34a4805c550a97e466b39e4ed34e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52579
x-xss-protection: 0
server: cafe
etag: 10972603943598731305
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ Frame F0C4 397 KB
134 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b94afceb7079c53d412cd1f3039baec8f3929127d5df60a62e53b5c30c6daf6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137288
x-xss-protection: 0
server: cafe
etag: 17446889311566157893
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame EDB3 2 KB
1 KB 172ms
69ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kq2qxsczqcf49njxkm9bj57r3j5py9jb6e9tyz5r89d1wjtwe3js14pvwvkj5pe6h3d9wwmmjevqh0sj1wh87wdy7faaw8c7bj2kh4hv8sjnpz7q6tfagwxm97xvty53v4hvnqn3a50zn3cpc11sdtmabndakbcnm37zbvxfxhz911yajgbrprmhvc772qc035jffkmpjx5nbgf2z3zhw9awz6mz95tzxbz574y3kbxd99m2ryajpbjk6hxeaxxt410a4631favbkhd3vrzadhh3mnamat3efx8tjjmbgbgwk4r9sy9c5syt2hvysnpwx9v7brzyrwy0x080fdz9rrprx40f8rp72nzsg666nt5a93b2wtwd2q57v25qa2fsbayz54nj26nhr81w7jt0f8znzd4xpt8mcgw4s8t0685c6gaz4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCazicZ7trZbr4EpzrtOUPgMiDyAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0FW3D9xM-s2Ct5zI_h4wP8scXjHjDQcF1KpNXW9UwQ7sh2bSPgpmyY608ZURwbDnxOYzBSb8eXsy-3BOJMuCeAJij7BRpR73heug7jVtt8gsvXEiXg0CyGeWVJ5trixyZl5LMjQsTYJxKmcuaz4g9irbuJY-IWg9gpX7RQw5dOP6Dp1s1xgX_nWfqfV_lFEqRV4pDYIRc1_BPSsysRMVRa6n5UU4HlPJWo8n2l8EUrUy-9Sn6K_CU0AWIBAny3qJww4wjlqUI-o0w80lur9RgAap58eU-_CJh88BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKScsOLx8YID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1coacMCw2vZGHB88j-gK1ccKzFig%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142880&bpp=127&bdt=128&idt=323&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=3392804194511494&tmod=396155073&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.grqz887m1ms0&fsb=1&dtd=329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4e613d1375828a089c50e38cae1fff46d0a2c015f25437c89e4d3ff90e2c102

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82f74ae8fd889a3f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:03 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 5752 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3686
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:17:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E887 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Sun, 03 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 5752 20 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5752 0
0 138ms
49ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQBwiWGnP_DR_osLJbS_xCYBWUlBFH50u2skjhlv4A05wHBffLMI5_oSmjlDOVk6tG0QgLY-I_9MQQOrjpOpSOSDJyt4Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142880&bpp=127&bdt=128&idt=323&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=3392804194511494&tmod=396155073&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.grqz887m1ms0&fsb=1&dtd=329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5752 202 KB
64 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 0CD5 2 KB
3 KB 161ms
62ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gqrnczy34zvqhz0m3hf0fe1x790ehertarbdhtygk34rnacsp2ehh93z2hryqepqg8twakt58sn1zw3je28x1e9a3r9y000y8r6fmvvebgvxp4f3hezp3r1ez59fq11w4c51tvqq2yz7pd83pjfmbqvtwffdvn3mnawmq4r9getqzcfnhephx9zw5kybg2j66k9g6cz83qy3ypnzacdacwhxkarwd4nrga9ncv89qewhg598n4v6wjb9a9fvzyh3fca13rj6gan4dfa51qp95d8a013t5xxp5t49v2bcderfwsjqbz7rn872csw1rxh5hhvtbyhfsw461gddtc3w9nbzedyq8wjrf31y6bq1nq3mmf013tczv7mew670sn3hzza6x0sk65d0f4c10md8t7fznqmddq2wn3ev6eb1j2pr1tevr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=38340408&adf=3173046730&pi=t.ma~as.3654094576&w=970&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142910&bpp=176&bdt=190&idt=318&shv=r20231129&mjsv=m202311290101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=0&ifk=1968852388&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079714%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808149%2C44808285%2C44809072&oid=2&pvsid=69011117150141&tmod=2117529104&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.5v9zu1yyyx6q&fsb=1&dtd=323

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcc87fc1e98a3e6eb506bbc59f6502b5ad8f434941bc1b7e9ab0dc6b2bbd7f82

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82f74ae8fd8b9a3f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:03 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame FF70 3 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3686
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:17:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 83A7 1 KB
643 B 42ms
41ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Sun, 03 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame FF70 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FF70 0
0 132ms
48ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJKoSAFR5POYJKU2-0IAjwINwJMBATgBO7rr0ITHWusb3-h1jLhL0YUjp3X6pZMQAbd9R5Jt8ts_4eyf8fig6hu214ZA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=38340408&adf=3173046730&pi=t.ma~as.3654094576&w=970&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142910&bpp=176&bdt=190&idt=318&shv=r20231129&mjsv=m202311290101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=0&ifk=1968852388&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079714%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808149%2C44808285%2C44809072&oid=2&pvsid=69011117150141&tmod=2117529104&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.5v9zu1yyyx6q&fsb=1&dtd=323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF70 202 KB
64 KB 111ms
111ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 4AED 2 KB
1 KB 146ms
64ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h0hbpcqrbt66k1bc51x9fz9dp5ppkgrpg9es9w5hkc4qn9trh6jan9pk2r4m7f72qsexx7hcqjvjmrcnxq8wnnwykvbwx3ha6ny4kxkan7crmdhfx36cbhxyje6e1j2hjv24d2x2845ysmr2z3z1wenxy5ckf2ws1chcy8019ry3p90849dnc41v4b95beeea4hz6tsk3jekrg2e0epky0jq6q4q061tgvg24ecve5hyybvnkccvwm91tsz91x679tqvwd1yvpvgzewtaj59yp43w6nmf74gyke66nvmdr3vx4z9wf0e50tek602fb2x9nhr4zz765g6xv2fvg8weda1p00w10p7qyymp6grft5mpn3yvkm5cqh2dthrkfrd4bjyv92x1enspbvpvxnhg5gf26a2jgnrqk400td1jc32g0p&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtJOfZ7trZbvSFbmFtOUP_9q-8A6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoEzwFP0Kn1KsQba6GbyGswhTtBH1M8ewlYn5cUJJCaHkpbxSjBY5L0NuaBCShRDJ3Qu1BjF-ZRQxMvsCjtpf11wDvLTG9orNWlGmb3fpOUQKaatiM4twkFmNA391e9jsZ7j1QyiqyhQM5U3TRZrTreQ9dJ7dyBQRe0WteO5tXvxcn2zxLpkFKbM8vAQucVl4D4I5YS95pn26fpQffPS64g5O96E1Z3eOEtp77yZF8YsPdxcyRERFsz9Yl1uQhQQ1HPBDzCpvUID-kNzD5Y2alLi_-ABujNzsr6zsbB1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_-2y4vHxggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Z2ZkIfbNgGVxADpBAsi3Giz-31A%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142907&bpp=162&bdt=191&idt=338&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44798934%2C31078297%2C31079890%2C44807751%2C44806139%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=3717604420102411&tmod=1335754690&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.n5zm4apcpr46&fsb=1&dtd=344

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2c2368e440642e17d8af1833b2fe8110b601807842cfd1242ab76fb65a3d21c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82f74ae8fd8e9a3f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:03 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame FB01 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3686
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:17:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F4BC 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Sun, 03 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame FB01 20 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FB01 0
0 116ms
49ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYzciknS74nWI_4arPwQUeyYio4h3Ag_KEeVbztikCjPf32tQDuxO-KCwBhDW-O5oKQxC1JCTw7vZzKMHsmC5MioXXhw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142907&bpp=162&bdt=191&idt=338&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44798934%2C31078297%2C31079890%2C44807751%2C44806139%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=3717604420102411&tmod=1335754690&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.n5zm4apcpr46&fsb=1&dtd=344
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FB01 202 KB
64 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3884 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIC4ccLddVIzwsIcnYjrFMF-7bgf0CDGwdnw_qHCVN816qSXZWuKwVWE8FULo-tfFAHX4eX8oNhNjng1MhWLZYKEszNQYvA1JZNX3YhROW6Ky__t7p0yZT1s4F0WssrL2olrHaQMr1LPtSE1pGQqOn1669aEMYMpziG1nejrKTpA6A1oEcJw0tI1ay-Y5johWl4zQ6FuBcY5U1JAIH-bn7awfqV_4KsbcubqqfM2oLDSXhJeJkblVl3WYH8fqaL1YznONzeheh939aE_hwFxn8XOtOGGqRirGt0wn0deJY_AHAEP3pmyb5Pnyko9VejQ39YCO93ki1w2zu9ul1w_Em2PHm68eDAfsZev8ShFx8eU-e1tvxWJLTLRyVuqDbPI68LZ9s_4o&sai=AMfl-YQ2Qr_3F1apfefOIU9yZeWZdTFbsrqYEI3A0vH06jepebFEbNYODNDYQ9e25fULmK__wsdVfuLa1Mn3KG5UUA8pTbIi5fMFSA&sig=Cg0ArKJSzBV8KdRldNuuEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3884 16 KB
12 KB 169ms
87ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76359bd8d7f248adbd361c7b282274d546e6d99a193b2daf30b3d41129f9eb5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12250
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame E887 35 B
464 B 127ms
44ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEL80K99Jfg5d32g4-917wkk&google_cver=1&google_push=AXcoOmR3CXlRaOibG5IUJsuyFR0nVMu5LLHcKFeZw798iljoeTahymO2eE2F2zBhWPEePquLbG4Cvl8Z8rLOzW8lym--k8i6dA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame E887 0
104 B 268ms
129ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJK9Vrm9yDMsD0q6hx8RHs0&google_cver=1&google_push=AXcoOmQN1aL3XhSm9sGddiOtgKSQq_ZOwXZYg9xwk_foI19bNd7uy32x843H3IvNyMruSkpt4GDMM9k9-Ps8ec5Lm63C-H4p4o8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142880&bpp=127&bdt=128&idt=323&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=3392804194511494&tmod=396155073&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.grqz887m1ms0&fsb=1&dtd=329
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:03 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E887
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMow9YjIgKBIlzxsodvyevQ&google_push=AXcoOmSHbvG-ZWt_uvtU12Rns4yZZn09ukh9hSiEp6m5626oxn5qwhioRp...

170 B
232 B

49ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMow9YjIgKBIlzxsodvyevQ&google_push=AXcoOmSHbvG-ZWt_uvtU12Rns4yZZn09ukh9hSiEp6m5626oxn5qwhioRpbUlRQi_1OPh6Fie7oi1Kisz2Hv48dJG_X8RA61MA

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230083-FRA
pragma: no-cache
date: Sat, 02 Dec 2023 23:19:03 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701559144.881025,VS0,VE96
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMow9YjIgKBIlzxsodvyevQ&google_push=AXcoOmSHbvG-ZWt_uvtU12Rns4yZZn09ukh9hSiEp6m5626oxn5qwhioRpbUlRQi_1OPh6Fie7oi1Kisz2Hv48dJG_X8RA61MA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E887
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMTwF8Y3OH6vx-wJayCn0Nw&google_cver=1&google_push=AXcoOmR-0GJBOXVP5KaFBBR3jZisdgG5Acrxrd-W8v0uKsWweO4S7eIDcO7kzYMUXX99x7uGbY2tLUYIxGJixkYSvsGx17jsSA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=780082ABA7BE482B96A7F0832E9EE014&google_push=AXcoOmR-0GJBOXVP5KaFBBR3jZisdgG5Acrxrd-W8v0uKsWweO4S7eIDcO7kzYMUXX99x7uGbY2tLUYIxGJixkY...

170 B
232 B

49ms
48ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=780082ABA7BE482B96A7F0832E9EE014&google_push=AXcoOmR-0GJBOXVP5KaFBBR3jZisdgG5Acrxrd-W8v0uKsWweO4S7eIDcO7kzYMUXX99x7uGbY2tLUYIxGJixkYSvsGx17jsSA

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 02 Dec 2023 23:19:03 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=780082ABA7BE482B96A7F0832E9EE014&google_push=AXcoOmR-0GJBOXVP5KaFBBR3jZisdgG5Acrxrd-W8v0uKsWweO4S7eIDcO7kzYMUXX99x7uGbY2tLUYIxGJixkYSvsGx17jsSA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 01 Dec 2023 23:19:03 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E887
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKld35NyTS1-8a8Qsqwp-FY&google_cver=1&google_push=AXcoOmRS8gTPD-fG8pSkeWNWPYpjEje1eb0NCOeRDunx_OJ0iypwcEAssPCsCNj9pj7NZBZ4utUSF4ULbPWm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRS8gTPD-fG8pSkeWNWPYpjEje1eb0NCOeRDunx_OJ0iypwcEAssPCsCNj9pj7NZBZ4utUSF4ULbPWmH1Jr9z5nlX7SBDY

170 B
329 B

49ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRS8gTPD-fG8pSkeWNWPYpjEje1eb0NCOeRDunx_OJ0iypwcEAssPCsCNj9pj7NZBZ4utUSF4ULbPWmH1Jr9z5nlX7SBDY

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRS8gTPD-fG8pSkeWNWPYpjEje1eb0NCOeRDunx_OJ0iypwcEAssPCsCNj9pj7NZBZ4utUSF4ULbPWmH1Jr9z5nlX7SBDY
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ebda
match.360yield.com/match/ Frame E887 43 B
199 B 168ms
55ms Image
image/gif 54.76.156.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESED03g3OW8qUNoh0eKTtHAPg&google_cver=1&google_push=AXcoOmTtn_-Lu-ESSPvkmTq8auVPIUMmIfmB_y0Wj54v4Sg722W_F8xhZ2ft97eWkn6oKz8lb3x2lQjTQH06CavwXMSzcL5VZg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142880&bpp=127&bdt=128&idt=323&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=3392804194511494&tmod=396155073&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.grqz887m1ms0&fsb=1&dtd=329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.156.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-156-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 02 Dec 2023 23:19:03 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame E887 0
75 B 282ms
50ms Image
text/plain 185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAk0xqdsnzRNIqB4VuyuWho&google_cver=1&google_push=AXcoOmTv5rVqMXYVI97DiUlrrB8HHmNMeehS8zatvS06Ott_QQmNVEkpFGdvkXd2OiQQQmC8-it9w95T3RnY8Pb0chZI2xJB0A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142880&bpp=127&bdt=128&idt=323&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=3392804194511494&tmod=396155073&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.grqz887m1ms0&fsb=1&dtd=329
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E887 0
139 B 137ms
47ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LwsEk07SNkM-VTpwiEpd3FhKOwwd6Hwq_RIfGXCcV6tkEfN6zaKTamxxWYe21Fml7_7DEA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame FF70 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07e11b51a4c4ba2fae6be06bf00072a50ed779459ad456e0fddde442ca5f4bb5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 83A7
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOWqUdJD3ywomT7NCBw7k1c&google_cver=1&google_push=AXcoOmSy1M3xfW2p2SPGxfkyUcqonAdV1WUJVjcUkQlKX4WgtE2QDcheL-928659dclxESag1GkGeDCaW08FyhjFoazPL7PKm9lX
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQ3MzY4MzE1MTY2NjAwNTYxNg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOWqUdJD3ywomT7NCBw7k1c&google_cver=1

43 B
398 B

98ms
44ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOWqUdJD3ywomT7NCBw7k1c&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOWqUdJD3ywomT7NCBw7k1c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 83A7
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESENOxb-hKvstLeOjSgFKlbKA&google_cver=1&google_push=AXcoOmSh-W58ldmSlEthwa_TZp-Wg1O4-c-I73Gu5xDB6443dh2skcOQZFdHaTZVcIvddifttZ_XC5jyIOdJNIqs7eajOoh57Ztf&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENOxb-hKvstLeOjSgFKlbKA&google_cver=1&google_push=AXcoOmSh-W58ldmSlEthwa_TZp-Wg1O4-c-I73Gu5xDB6443dh2skcOQZFdHaTZVcIvddifttZ_XC5jyIOdJNIqs7eajOoh57Zt...

43 B
424 B

231ms
216ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENOxb-hKvstLeOjSgFKlbKA&google_cver=1&google_push=AXcoOmSh-W58ldmSlEthwa_TZp-Wg1O4-c-I73Gu5xDB6443dh2skcOQZFdHaTZVcIvddifttZ_XC5jyIOdJNIqs7eajOoh57Ztf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSh-W58ldmSlEthwa_TZp-Wg1O4-c-I73Gu5xDB6443dh2skcOQZFdHaTZVcIvddifttZ_XC5jyIOdJNIqs7eajOoh57Ztf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=38340408&adf=3173046730&pi=t.ma~as.3654094576&w=970&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142910&bpp=176&bdt=190&idt=318&shv=r20231129&mjsv=m202311290101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=0&ifk=1968852388&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079714%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808149%2C44808285%2C44809072&oid=2&pvsid=69011117150141&tmod=2117529104&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.5v9zu1yyyx6q&fsb=1&dtd=323
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82f74aeabb2cbb35-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 672
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENOxb-hKvstLeOjSgFKlbKA&google_cver=1&google_push=AXcoOmSh-W58ldmSlEthwa_TZp-Wg1O4-c-I73Gu5xDB6443dh2skcOQZFdHaTZVcIvddifttZ_XC5jyIOdJNIqs7eajOoh57Ztf&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSh-W58ldmSlEthwa_TZp-Wg1O4-c-I73Gu5xDB6443dh2skcOQZFdHaTZVcIvddifttZ_XC5jyIOdJNIqs7eajOoh57Ztf%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82f74ae94a2cbb35-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 83A7 70 B
148 B 180ms
57ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBpG7Fjus2AyWQjpkgBrYMs&google_cver=1&google_push=AXcoOmSp3PDeSc9bndr7dpnihE0LwpnpNV8GEttf34qfGnt8U1X-t6WjTo3-jFtrU1RURHB4sDUQPwQDW99EJa1fXVKLBgiLjYpezQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=38340408&adf=3173046730&pi=t.ma~as.3654094576&w=970&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142910&bpp=176&bdt=190&idt=318&shv=r20231129&mjsv=m202311290101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=0&ifk=1968852388&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079714%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808149%2C44808285%2C44809072&oid=2&pvsid=69011117150141&tmod=2117529104&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.5v9zu1yyyx6q&fsb=1&dtd=323
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 dds
rtb.openx.net/sync/ Frame 83A7 43 B
245 B 145ms
47ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIvd5VloattkfOb5QidCWb0&google_cver=1&google_push=AXcoOmSgYoy0mETSJKKQZBx5Z6mym_YSDQqAF46EpKDw_gdByoULpGB2R2c2-uysyPLp7ky8aR004rqDuewhL4lxSdJSr4oUHGyWUA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=38340408&adf=3173046730&pi=t.ma~as.3654094576&w=970&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142910&bpp=176&bdt=190&idt=318&shv=r20231129&mjsv=m202311290101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=0&ifk=1968852388&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079714%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808149%2C44808285%2C44809072&oid=2&pvsid=69011117150141&tmod=2117529104&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.5v9zu1yyyx6q&fsb=1&dtd=323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:03 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 83A7 0
237 B 202ms
88ms Image
text/plain 2600:9000:211a:4800:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJq0LrHOxf2U80M8U-8cWiQ&google_cver=1&google_push=AXcoOmQXzonjrVlC04m0etARAJ5XQp4Tc1wewG5DykyTqPu_G10DiKArsHL41b9SFEBjrEQ-WuQaxnoqdfq6-xjnfYF3srfq55o8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=38340408&adf=3173046730&pi=t.ma~as.3654094576&w=970&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142910&bpp=176&bdt=190&idt=318&shv=r20231129&mjsv=m202311290101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=0&ifk=1968852388&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079714%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808149%2C44808285%2C44809072&oid=2&pvsid=69011117150141&tmod=2117529104&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.5v9zu1yyyx6q&fsb=1&dtd=323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:4800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
cache-control: no-cache, must-revalidate
via: 1.1 485f9ba84065b3ff587a6c536942e6c0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: 7TGxQzYdNQyHtcO6Tn-zp95H8q7ah0_lwXxC9WXx54NM2iSD2Ih3fw==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 83A7 0
75 B 276ms
50ms Image
text/plain 185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAk0xqdsnzRNIqB4VuyuWho&google_cver=1&google_push=AXcoOmTlX9IHNHl3UEIdtOUpuZuwiQpTbZJPORe3VATCIcsD5hQLeKsZBS9aHRlfU6ly9GbcXTqg89iUqcmQ38jT4TrEU9uyz03sow
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=38340408&adf=3173046730&pi=t.ma~as.3654094576&w=970&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142910&bpp=176&bdt=190&idt=318&shv=r20231129&mjsv=m202311290101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=0&ifk=1968852388&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079714%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808149%2C44808285%2C44809072&oid=2&pvsid=69011117150141&tmod=2117529104&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.5v9zu1yyyx6q&fsb=1&dtd=323
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 83A7
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMyyoOKNDzBK...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRZgKV8VeQU_aHOyU2WqoQBXLTPi0wfQ4ClZ43GLe_MAtK5GmRB_B1A-KGC_EXOdYe3tB1f98JDOzwRArEfv6UziBx4GHVPjA
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

66ms
66ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=38340408&adf=3173046730&pi=t.ma~as.3654094576&w=970&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142910&bpp=176&bdt=190&idt=318&shv=r20231129&mjsv=m202311290101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=0&ifk=1968852388&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079714%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808149%2C44808285%2C44809072&oid=2&pvsid=69011117150141&tmod=2117529104&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.5v9zu1yyyx6q&fsb=1&dtd=323
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Sat, 02 Dec 2023 23:19:04 GMT
pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 83A7 0
49 B 131ms
47ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K8aDOVrqQqH5C7vlxRKKjwlD1vLD0U_OvfoBpdJe4SAY0NGTgWc-pz6vlYNg0EX65Z2cMk2g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame F4BC
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOWqUdJD3ywomT7NCBw7k1c&google_cver=1&google_push=AXcoOmSpZIMAbOfyM949wQdxkWkBKwJt4tBp0utLOWewsWXYOsk2hRDJzBKi16jdLbPacWMHicx576FAahpNB3LB1BHVFnjM6hDo
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzUzNjkzNDQyOTE3Mjk0MjQ0OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOWqUdJD3ywomT7NCBw7k1c&google_cver=1

43 B
398 B

98ms
45ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOWqUdJD3ywomT7NCBw7k1c&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOWqUdJD3ywomT7NCBw7k1c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame F4BC 70 B
149 B 165ms
56ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBpG7Fjus2AyWQjpkgBrYMs&google_cver=1&google_push=AXcoOmQQq_vEFK1uwzAhJt3p826IQdoUB3Pgf-1Z3Cs420TaE3-3IRARALemmxlA6MDSYo2HH3HurisN0XaOTZ6gBVwX6W7Z860
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142907&bpp=162&bdt=191&idt=338&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44798934%2C31078297%2C31079890%2C44807751%2C44806139%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=3717604420102411&tmod=1335754690&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.n5zm4apcpr46&fsb=1&dtd=344
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F4BC
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEILuFLbs5CqIULAC9ceYLYQ&google_cver=1&google_push=AXcoOmQJDmTwdglpmne7l854LKwo1NqOLFVBjELPoOhmIr0CrArZp9p1icIqs7MuP6MYphbE-bJU3J2e...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEILuFLbs5CqIULAC9ceYLYQ&google_cver=1&google_push=AXcoOmQJDmTwdglpmne7l854LKwo1NqOLFVBjELPoOhmIr0CrArZp9p1icIqs7MuP6MYphbE-bJ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg0Nzg3NzEyNTkwMTg4MjA1MA&google_push=AXcoOmQJDmTwdglpmne7l854LKwo1NqOLFVBjELPoOhmIr0CrArZp9p1icIqs7MuP6MYphbE-bJU3J...

170 B
232 B

49ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg0Nzg3NzEyNTkwMTg4MjA1MA&google_push=AXcoOmQJDmTwdglpmne7l854LKwo1NqOLFVBjELPoOhmIr0CrArZp9p1icIqs7MuP6MYphbE-bJU3J2eht28tQpnwDKVH1pGDEVx

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg0Nzg3NzEyNTkwMTg4MjA1MA&google_push=AXcoOmQJDmTwdglpmne7l854LKwo1NqOLFVBjELPoOhmIr0CrArZp9p1icIqs7MuP6MYphbE-bJU3J2eht28tQpnwDKVH1pGDEVx
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F4BC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN37wRLTnxwAuaJITC8u9M4&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEN37wRLTnxwAuaJITC8u9M4&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN37wRLTnxwAuaJITC8u9M4&google_hm=ZWu7Zxts9LHPbwHFX0MzKgAADGUAAAIB&google_nid=index&google_push=AXcoOmTfydyuK2bpjoEnenx50p6gsLhTozZUD...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN37wRLTnxwAuaJITC8u9M4&google_hm=ZWu7Zxts9LHPbwHFX0MzKgAADGUAAAIB&google_nid=index&google_push=AXcoOmTfydyuK2bpjoEnenx50p6gsLhTozZUDkyU5og4Tdwvdh4zD0vItJVWOYbB0zBR1ppm5WqyWa05P5FMhZaW0_wLooBFUx0

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FurZQZRGjQez5JzKMIwtR3nl4AVPEQWoJ8BbdFdnCEOKNXUFFaB7BB3DbNUAj%2BwEGasMjONulr4cI1ij87gpTGbfUMRFZktZWuSXHKZo1G5mNl3fFT7y%2Fm8eGdfspRWEukvWpLJIW3vnw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN37wRLTnxwAuaJITC8u9M4&google_hm=ZWu7Zxts9LHPbwHFX0MzKgAADGUAAAIB&google_nid=index&google_push=AXcoOmTfydyuK2bpjoEnenx50p6gsLhTozZUDkyU5og4Tdwvdh4zD0vItJVWOYbB0zBR1ppm5WqyWa05P5FMhZaW0_wLooBFUx0
cache-control: no-cache
cf-ray: 82f74ae9bc284510-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F4BC
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQfKsH4r5yWw5q24LHDIbTobv2u09nNcl2XBVvevno-sfMK6iKj6TFszEVnaoRRD5M9nr4_ccpX2wyrhxWbhbm-9ZhxCrw&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-f6eb8de4-9b5e-4ae2-83f6-4bf6603d075a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQfKsH4r5yWw5q24LHDI...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQfKsH4r5yWw5q24LHDIbTobv2u09nNcl2XBVvevno-sfMK6iKj6TFszEVnaoRRD5M9nr4_ccpX2wyrhxWbhbm-9ZhxCrw&google_hm=A_brjeSbXkrig_ZL9mA9B1o

170 B
188 B

49ms
48ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQfKsH4r5yWw5q24LHDIbTobv2u09nNcl2XBVvevno-sfMK6iKj6TFszEVnaoRRD5M9nr4_ccpX2wyrhxWbhbm-9ZhxCrw&google_hm=A_brjeSbXkrig_ZL9mA9B1o

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQfKsH4r5yWw5q24LHDIbTobv2u09nNcl2XBVvevno-sfMK6iKj6TFszEVnaoRRD5M9nr4_ccpX2wyrhxWbhbm-9ZhxCrw&google_hm=A_brjeSbXkrig_ZL9mA9B1o
date: Sat, 02 Dec 2023 23:19:04 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXf6eb8de49b5e4ae283f64bf6603d075a003
content-type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F4BC
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEClhvID20XmmpbKxIChl9OI&google_cver=1&google_push=AXcoOmRjwTBfDMh7tsxsLfq5navJKfIRrleFMAY2uynmOFgj7TydeUvygm7BzhVxC8...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRjwTBfDMh7tsxsLfq5navJKfIRrleFMAY2uynmOFgj7TydeUvygm7BzhVxC836nuYzWGpaGuteLfR5SDxnWMX5anBv0jfbHw&google_hm=Y...

170 B
232 B

49ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRjwTBfDMh7tsxsLfq5navJKfIRrleFMAY2uynmOFgj7TydeUvygm7BzhVxC836nuYzWGpaGuteLfR5SDxnWMX5anBv0jfbHw&google_hm=YPS4L09pQFWzGHM8eYm_DGw

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:03 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRjwTBfDMh7tsxsLfq5navJKfIRrleFMAY2uynmOFgj7TydeUvygm7BzhVxC836nuYzWGpaGuteLfR5SDxnWMX5anBv0jfbHw&google_hm=YPS4L09pQFWzGHM8eYm_DGw
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F4BC
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEGwnZ_YL6ObfdMNoKkkUA2Y&google_cver=1&google_push=AXcoOmRybZ09dGiDT...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEGwnZ_YL6ObfdMNoKkkUA2Y%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODM4MTY5Njc5MjQ3MTUwNTA4NA%3D%3D&google_gid=CAESEGwnZ_YL6ObfdMNoKkkUA2Y&google_cver=1&google_push=AXcoOmRybZ09dGiDTnPMHupMTn9MLcyfm9...

170 B
232 B

49ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODM4MTY5Njc5MjQ3MTUwNTA4NA%3D%3D&google_gid=CAESEGwnZ_YL6ObfdMNoKkkUA2Y&google_cver=1&google_push=AXcoOmRybZ09dGiDTnPMHupMTn9MLcyfm9MtcSuJcOju16BqE3mTK7Zvpz9td97qujRFTHVP7uP0dsl6V6FvaUMzJhE16jhc11Q9

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:03 GMT
an-x-request-uuid: a903f5e5-286d-4f96-abc5-cd8c5f669ffd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODM4MTY5Njc5MjQ3MTUwNTA4NA%3D%3D&google_gid=CAESEGwnZ_YL6ObfdMNoKkkUA2Y&google_cver=1&google_push=AXcoOmRybZ09dGiDTnPMHupMTn9MLcyfm9MtcSuJcOju16BqE3mTK7Zvpz9td97qujRFTHVP7uP0dsl6V6FvaUMzJhE16jhc11Q9
x-proxy-origin: 80.255.7.108; 80.255.7.108; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F4BC 0
49 B 117ms
47ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JvcfnmAmuhhoH9VWM7lNiDwmAzmE8rq7cfeSpJsXf8E3XUX3hepbvHFjmMU6Hx5Muh5K_qyZ8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C375 603 B
65 B 445ms
445ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046724&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143607&bpp=91&bdt=58&idt=201&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C42532523%2C44809315%2C31078301%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=573928386794852&tmod=719631899&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bh9k1utuq95t&fsb=1&dtd=208

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5752 0
19 B 83ms
83ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIaE-Z7trZbr4EpzrtOUPgMiDyAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoEzQFP0FW3D9xM-s2Ct5zI_h4wP8scXjHjDQcF1KpNXW9UwQ7sh2bSPgpmyY608ZURwbDnxOYzBSb8eXsy-3BOJMuCeAJij7BRpR73heug7jVtt8gsvXEiXg0CyGeWVJ5trixyZl5LMjQsTYJxKmcuaz4g9irbuJY-IWg9gpX7RQw5dOP6Dp1s1xgX_nWfqfV_lFEqRV4pDYIRc1_BPSsysRMVRa6n5UU4HhHLex3wI9hEmjJ6bQ7uel37R0q7Kj4_FvpLipzIGkS4Oz_oXI3tgAap58eU-_CJh88BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKScsOLx8YIDgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=mYItJZrIm84&uach_m=%5BUACH%5D&cid=CAQSKQDICaaNv1cwKhWMaXud3VDAnBiEgmjVlwTrnS27qAGByLCSZDYtP30MGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142880&bpp=127&bdt=128&idt=323&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=3392804194511494&tmod=396155073&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.grqz887m1ms0&fsb=1&dtd=329
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 02 Dec 2023 23:19:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 5752 0
103 B 150ms
52ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g6ah2016g1z3gqb2ak3v8mw7cr6934qtcfztxfqevjdkjfp75b9pzwf5rdewy9j41aqkdq32datdtahcamc62vnjeahr0ayddfkbeve8pbckpyaf9p75kxk1re1jpg8xxp7yf348mejtjc35tgayf86jysbp064tgvdas1qfxfqn47vjf0pwn27cnsrc62gdwmep3kxmqsc11bjrhzp8r2cnsajmqbatq70edmappkrxs6xegfgvhgr6eb1njr6t790jqzk76xh3hahjww6dt8anrwf3wxnpr57gzrd27nn7xqm4vf3541m235xpcw0zazpfcr3srn34n5grdrxtqhs2w7d1yb8d876r40e5qj1hgsmn735aqf203rgxf3zceyzhs9pmm&b=ZWu7ZwAEvDoGrTWcAADkAKweg2aIPKfHdOVBfg&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142880&bpp=127&bdt=128&idt=323&shv=r20231129&mjsv=m202311280101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C31078297%2C31079860%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=3392804194511494&tmod=396155073&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.grqz887m1ms0&fsb=1&dtd=329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 02 Dec 2023 23:19:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FF70 0
19 B 85ms
85ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbRSdZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoEzQFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xs5-nMnvBQIHHLX5U5-3nOQlpGqyKPKa3MTikRE5BkWszzTk5eeQgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=XYWTLaKM2l8&uach_m=%5BUACH%5D&cid=CAQSKQDICaaNGl-my-fxEQdsdxmnljs4U6HZeTJ9TD1cqrL0QHkfrwXY0toRGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=38340408&adf=3173046730&pi=t.ma~as.3654094576&w=970&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142910&bpp=176&bdt=190&idt=318&shv=r20231129&mjsv=m202311290101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=0&ifk=1968852388&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079714%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808149%2C44808285%2C44809072&oid=2&pvsid=69011117150141&tmod=2117529104&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.5v9zu1yyyx6q&fsb=1&dtd=323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 02 Dec 2023 23:19:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame FF70 0
39 B 107ms
52ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kkefrmw7fbxkzggkt9kfxvezw7q528wv3mqq86e2f3am09z69frtnay0fve6vtmevt8n8vzzygdysfjxq467kwt67d4qn6s22bce4tbes7zx74nsc004qp41t4463xf351632r0p76g5j3ctjtqjrhdz6q05qqdh6k3cqj3m0wavstgmndj5mta96tstegeqtztvapj5prdqvkj75p96dh090g6d6f1zvc3dph37bpn8ft77rv0wkprqarkw21w79zhernzwyaxatekbdhrpd3drs6cyha6ryc8t0z39k7q987n657mbbxvgh7dbcs8eppfm1ywe9b2ev4v5vzg5v7cqcfz6fphhxc5s8jvdrcph1nzj4z9znpb1vpf77yjj0mj5f3wbw&b=ZWu7ZwAFG-oEwtECAAwVtqXlWzJpaWJUoiFn-w&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=38340408&adf=3173046730&pi=t.ma~as.3654094576&w=970&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142910&bpp=176&bdt=190&idt=318&shv=r20231129&mjsv=m202311290101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=0&ifk=1968852388&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079714%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808149%2C44808285%2C44809072&oid=2&pvsid=69011117150141&tmod=2117529104&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.5v9zu1yyyx6q&fsb=1&dtd=323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 02 Dec 2023 23:19:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 0CD5 115 KB
14 KB 58ms
58ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gqrnczy34zvqhz0m3hf0fe1x790ehertarbdhtygk34rnacsp2ehh93z2hryqepqg8twakt58sn1zw3je28x1e9a3r9y000y8r6fmvvebgvxp4f3hezp3r1ez59fq11w4c51tvqq2yz7pd83pjfmbqvtwffdvn3mnawmq4r9getqzcfnhephx9zw5kybg2j66k9g6cz83qy3ypnzacdacwhxkarwd4nrga9ncv89qewhg598n4v6wjb9a9fvzyh3fca13rj6gan4dfa51qp95d8a013t5xxp5t49v2bcderfwsjqbz7rn872csw1rxh5hhvtbyhfsw461gddtc3w9nbzedyq8wjrf31y6bq1nq3mmf013tczv7mew670sn3hzza6x0sk65d0f4c10md8t7fznqmddq2wn3ev6eb1j2pr1tevr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gqrnczy34zvqhz0m3hf0fe1x790ehertarbdhtygk34rnacsp2ehh93z2hryqepqg8twakt58sn1zw3je28x1e9a3r9y000y8r6fmvvebgvxp4f3hezp3r1ez59fq11w4c51tvqq2yz7pd83pjfmbqvtwffdvn3mnawmq4r9getqzcfnhephx9zw5kybg2j66k9g6cz83qy3ypnzacdacwhxkarwd4nrga9ncv89qewhg598n4v6wjb9a9fvzyh3fca13rj6gan4dfa51qp95d8a013t5xxp5t49v2bcderfwsjqbz7rn872csw1rxh5hhvtbyhfsw461gddtc3w9nbzedyq8wjrf31y6bq1nq3mmf013tczv7mew670sn3hzza6x0sk65d0f4c10md8t7fznqmddq2wn3ev6eb1j2pr1tevr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1805363
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzN8WjRAwW5GxLLJDyl3ddsU1FCoMZUfenSMrO9Nkyf4KGDcJg2AFL2OGMwjWidpPkUi0colRyYiqf7QlixOmAjiH%2F6BYUj1NLz6EL0b5mjy4rmzmbcIG6dy7v%2BBJzIll%2BPhI3W8KMM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 82f74ae99df39a3f-FRA
expires: Sun, 03 Dec 2023 23:19:03 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 0CD5 24 KB
9 KB 69ms
53ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gqrnczy34zvqhz0m3hf0fe1x790ehertarbdhtygk34rnacsp2ehh93z2hryqepqg8twakt58sn1zw3je28x1e9a3r9y000y8r6fmvvebgvxp4f3hezp3r1ez59fq11w4c51tvqq2yz7pd83pjfmbqvtwffdvn3mnawmq4r9getqzcfnhephx9zw5kybg2j66k9g6cz83qy3ypnzacdacwhxkarwd4nrga9ncv89qewhg598n4v6wjb9a9fvzyh3fca13rj6gan4dfa51qp95d8a013t5xxp5t49v2bcderfwsjqbz7rn872csw1rxh5hhvtbyhfsw461gddtc3w9nbzedyq8wjrf31y6bq1nq3mmf013tczv7mew670sn3hzza6x0sk65d0f4c10md8t7fznqmddq2wn3ev6eb1j2pr1tevr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 309856
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5FA2UfI%2FYkQuSYAkNu6QGZ89zzXWD7MLlZ%2BtkL43p4XHSG8oUJlEvNJxExrogT1jLUh4MH6uRdK%2Fk1iuiTYQqZQ%2FeiAOvgRfRa%2Fiu6IoOkvpq%2BsM2%2BeUMiPMQ8fzlDPvFNA9TA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 82f74ae9be139a3f-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 29 Nov 2023 09:14:47 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 4AED 115 KB
13 KB 55ms
54ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h0hbpcqrbt66k1bc51x9fz9dp5ppkgrpg9es9w5hkc4qn9trh6jan9pk2r4m7f72qsexx7hcqjvjmrcnxq8wnnwykvbwx3ha6ny4kxkan7crmdhfx36cbhxyje6e1j2hjv24d2x2845ysmr2z3z1wenxy5ckf2ws1chcy8019ry3p90849dnc41v4b95beeea4hz6tsk3jekrg2e0epky0jq6q4q061tgvg24ecve5hyybvnkccvwm91tsz91x679tqvwd1yvpvgzewtaj59yp43w6nmf74gyke66nvmdr3vx4z9wf0e50tek602fb2x9nhr4zz765g6xv2fvg8weda1p00w10p7qyymp6grft5mpn3yvkm5cqh2dthrkfrd4bjyv92x1enspbvpvxnhg5gf26a2jgnrqk400td1jc32g0p&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtJOfZ7trZbvSFbmFtOUP_9q-8A6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoEzwFP0Kn1KsQba6GbyGswhTtBH1M8ewlYn5cUJJCaHkpbxSjBY5L0NuaBCShRDJ3Qu1BjF-ZRQxMvsCjtpf11wDvLTG9orNWlGmb3fpOUQKaatiM4twkFmNA391e9jsZ7j1QyiqyhQM5U3TRZrTreQ9dJ7dyBQRe0WteO5tXvxcn2zxLpkFKbM8vAQucVl4D4I5YS95pn26fpQffPS64g5O96E1Z3eOEtp77yZF8YsPdxcyRERFsz9Yl1uQhQQ1HPBDzCpvUID-kNzD5Y2alLi_-ABujNzsr6zsbB1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_-2y4vHxggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Z2ZkIfbNgGVxADpBAsi3Giz-31A%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h0hbpcqrbt66k1bc51x9fz9dp5ppkgrpg9es9w5hkc4qn9trh6jan9pk2r4m7f72qsexx7hcqjvjmrcnxq8wnnwykvbwx3ha6ny4kxkan7crmdhfx36cbhxyje6e1j2hjv24d2x2845ysmr2z3z1wenxy5ckf2ws1chcy8019ry3p90849dnc41v4b95beeea4hz6tsk3jekrg2e0epky0jq6q4q061tgvg24ecve5hyybvnkccvwm91tsz91x679tqvwd1yvpvgzewtaj59yp43w6nmf74gyke66nvmdr3vx4z9wf0e50tek602fb2x9nhr4zz765g6xv2fvg8weda1p00w10p7qyymp6grft5mpn3yvkm5cqh2dthrkfrd4bjyv92x1enspbvpvxnhg5gf26a2jgnrqk400td1jc32g0p&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtJOfZ7trZbvSFbmFtOUP_9q-8A6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoEzwFP0Kn1KsQba6GbyGswhTtBH1M8ewlYn5cUJJCaHkpbxSjBY5L0NuaBCShRDJ3Qu1BjF-ZRQxMvsCjtpf11wDvLTG9orNWlGmb3fpOUQKaatiM4twkFmNA391e9jsZ7j1QyiqyhQM5U3TRZrTreQ9dJ7dyBQRe0WteO5tXvxcn2zxLpkFKbM8vAQucVl4D4I5YS95pn26fpQffPS64g5O96E1Z3eOEtp77yZF8YsPdxcyRERFsz9Yl1uQhQQ1HPBDzCpvUID-kNzD5Y2alLi_-ABujNzsr6zsbB1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_-2y4vHxggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Z2ZkIfbNgGVxADpBAsi3Giz-31A%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1805363
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WA7x0xFmLLu4DowgB9nQiSGWZ27AZJo06t0iH0aDtw4087ASUAFa0aJTvsCoX%2BLfdmRbAqQq3JK119Kpun5RwtM43LiDBd5C%2F4dInu7E2j%2BR2DPDMIvZ4aj8XrltReSD%2F7C2lAJIKAU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 82f74ae99df79a3f-FRA
expires: Sun, 03 Dec 2023 23:19:03 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 4AED 24 KB
9 KB 73ms
62ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h0hbpcqrbt66k1bc51x9fz9dp5ppkgrpg9es9w5hkc4qn9trh6jan9pk2r4m7f72qsexx7hcqjvjmrcnxq8wnnwykvbwx3ha6ny4kxkan7crmdhfx36cbhxyje6e1j2hjv24d2x2845ysmr2z3z1wenxy5ckf2ws1chcy8019ry3p90849dnc41v4b95beeea4hz6tsk3jekrg2e0epky0jq6q4q061tgvg24ecve5hyybvnkccvwm91tsz91x679tqvwd1yvpvgzewtaj59yp43w6nmf74gyke66nvmdr3vx4z9wf0e50tek602fb2x9nhr4zz765g6xv2fvg8weda1p00w10p7qyymp6grft5mpn3yvkm5cqh2dthrkfrd4bjyv92x1enspbvpvxnhg5gf26a2jgnrqk400td1jc32g0p&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtJOfZ7trZbvSFbmFtOUP_9q-8A6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoEzwFP0Kn1KsQba6GbyGswhTtBH1M8ewlYn5cUJJCaHkpbxSjBY5L0NuaBCShRDJ3Qu1BjF-ZRQxMvsCjtpf11wDvLTG9orNWlGmb3fpOUQKaatiM4twkFmNA391e9jsZ7j1QyiqyhQM5U3TRZrTreQ9dJ7dyBQRe0WteO5tXvxcn2zxLpkFKbM8vAQucVl4D4I5YS95pn26fpQffPS64g5O96E1Z3eOEtp77yZF8YsPdxcyRERFsz9Yl1uQhQQ1HPBDzCpvUID-kNzD5Y2alLi_-ABujNzsr6zsbB1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_-2y4vHxggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Z2ZkIfbNgGVxADpBAsi3Giz-31A%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 309856
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epyZH0XOC98jkzE4sSeBc3WKvdJjX98RMvpGiLNXGvAgjrhOUfDL1flof3I%2Bh68BSJbEo3R4ecsvz51or4JWplXv2qYWKuom8R%2FS0nalb7u8BobC%2BuNPXRPWtk62CIHMsn6PmX0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 82f74ae9be119a3f-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 29 Nov 2023 09:14:47 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame EDB3 115 KB
13 KB 53ms
52ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kq2qxsczqcf49njxkm9bj57r3j5py9jb6e9tyz5r89d1wjtwe3js14pvwvkj5pe6h3d9wwmmjevqh0sj1wh87wdy7faaw8c7bj2kh4hv8sjnpz7q6tfagwxm97xvty53v4hvnqn3a50zn3cpc11sdtmabndakbcnm37zbvxfxhz911yajgbrprmhvc772qc035jffkmpjx5nbgf2z3zhw9awz6mz95tzxbz574y3kbxd99m2ryajpbjk6hxeaxxt410a4631favbkhd3vrzadhh3mnamat3efx8tjjmbgbgwk4r9sy9c5syt2hvysnpwx9v7brzyrwy0x080fdz9rrprx40f8rp72nzsg666nt5a93b2wtwd2q57v25qa2fsbayz54nj26nhr81w7jt0f8znzd4xpt8mcgw4s8t0685c6gaz4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCazicZ7trZbr4EpzrtOUPgMiDyAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0FW3D9xM-s2Ct5zI_h4wP8scXjHjDQcF1KpNXW9UwQ7sh2bSPgpmyY608ZURwbDnxOYzBSb8eXsy-3BOJMuCeAJij7BRpR73heug7jVtt8gsvXEiXg0CyGeWVJ5trixyZl5LMjQsTYJxKmcuaz4g9irbuJY-IWg9gpX7RQw5dOP6Dp1s1xgX_nWfqfV_lFEqRV4pDYIRc1_BPSsysRMVRa6n5UU4HlPJWo8n2l8EUrUy-9Sn6K_CU0AWIBAny3qJww4wjlqUI-o0w80lur9RgAap58eU-_CJh88BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKScsOLx8YID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1coacMCw2vZGHB88j-gK1ccKzFig%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kq2qxsczqcf49njxkm9bj57r3j5py9jb6e9tyz5r89d1wjtwe3js14pvwvkj5pe6h3d9wwmmjevqh0sj1wh87wdy7faaw8c7bj2kh4hv8sjnpz7q6tfagwxm97xvty53v4hvnqn3a50zn3cpc11sdtmabndakbcnm37zbvxfxhz911yajgbrprmhvc772qc035jffkmpjx5nbgf2z3zhw9awz6mz95tzxbz574y3kbxd99m2ryajpbjk6hxeaxxt410a4631favbkhd3vrzadhh3mnamat3efx8tjjmbgbgwk4r9sy9c5syt2hvysnpwx9v7brzyrwy0x080fdz9rrprx40f8rp72nzsg666nt5a93b2wtwd2q57v25qa2fsbayz54nj26nhr81w7jt0f8znzd4xpt8mcgw4s8t0685c6gaz4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCazicZ7trZbr4EpzrtOUPgMiDyAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0FW3D9xM-s2Ct5zI_h4wP8scXjHjDQcF1KpNXW9UwQ7sh2bSPgpmyY608ZURwbDnxOYzBSb8eXsy-3BOJMuCeAJij7BRpR73heug7jVtt8gsvXEiXg0CyGeWVJ5trixyZl5LMjQsTYJxKmcuaz4g9irbuJY-IWg9gpX7RQw5dOP6Dp1s1xgX_nWfqfV_lFEqRV4pDYIRc1_BPSsysRMVRa6n5UU4HlPJWo8n2l8EUrUy-9Sn6K_CU0AWIBAny3qJww4wjlqUI-o0w80lur9RgAap58eU-_CJh88BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKScsOLx8YID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1coacMCw2vZGHB88j-gK1ccKzFig%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1805363
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jw8bKEBQEANfslrGzkQVlOdK7AKEHnD6%2FWsnKuvR4l4SKeM9J6mX2UOy51C1yqkj%2BPi3X014UDpQxggEeWuSnjXqx1PsUwoL1rXGsONcPSFC5r%2B8P303ed3fPK68R8uy6oCsQ43FHl4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 82f74ae9adfe9a3f-FRA
expires: Sun, 03 Dec 2023 23:19:03 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame EDB3 24 KB
10 KB 58ms
52ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kq2qxsczqcf49njxkm9bj57r3j5py9jb6e9tyz5r89d1wjtwe3js14pvwvkj5pe6h3d9wwmmjevqh0sj1wh87wdy7faaw8c7bj2kh4hv8sjnpz7q6tfagwxm97xvty53v4hvnqn3a50zn3cpc11sdtmabndakbcnm37zbvxfxhz911yajgbrprmhvc772qc035jffkmpjx5nbgf2z3zhw9awz6mz95tzxbz574y3kbxd99m2ryajpbjk6hxeaxxt410a4631favbkhd3vrzadhh3mnamat3efx8tjjmbgbgwk4r9sy9c5syt2hvysnpwx9v7brzyrwy0x080fdz9rrprx40f8rp72nzsg666nt5a93b2wtwd2q57v25qa2fsbayz54nj26nhr81w7jt0f8znzd4xpt8mcgw4s8t0685c6gaz4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCazicZ7trZbr4EpzrtOUPgMiDyAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0FW3D9xM-s2Ct5zI_h4wP8scXjHjDQcF1KpNXW9UwQ7sh2bSPgpmyY608ZURwbDnxOYzBSb8eXsy-3BOJMuCeAJij7BRpR73heug7jVtt8gsvXEiXg0CyGeWVJ5trixyZl5LMjQsTYJxKmcuaz4g9irbuJY-IWg9gpX7RQw5dOP6Dp1s1xgX_nWfqfV_lFEqRV4pDYIRc1_BPSsysRMVRa6n5UU4HlPJWo8n2l8EUrUy-9Sn6K_CU0AWIBAny3qJww4wjlqUI-o0w80lur9RgAap58eU-_CJh88BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKScsOLx8YID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1coacMCw2vZGHB88j-gK1ccKzFig%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 309856
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jOxPT6u5EYzv4zNR7v8L%2BXUVokZIgSgLmpei%2BJon27tRTLtaxB33fZg3wiupaeoYglt8ZQePwtmQSSAPAa81%2BOTz4ILAjZDu3BczrLjZnlBBhVIL5yzNlnYLze5%2FnI5Ubh9Rmb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 82f74ae9be0f9a3f-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 29 Nov 2023 09:14:47 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3884 17 KB
6 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 23:19:03 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame B2BE 2 KB
2 KB 50ms
49ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 373399
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 82f74aea0fcd3835-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Sat, 02 Dec 2023 23:19:04 GMT
expires: Tue, 28 Nov 2023 16:18:07 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hngqvnmLT%2BgsDlL9YFEtF3Guf%2FPZN4S5bgAvWesnL4zHF7VrY8CMCau6aWk5TsEDgop5yqBAnXhmMFWIe7tpihoKybXi6Puvsda8ReZPDilYlO4MZFNL4aikUZVUe04lNIbbo5c%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 0CD5 350 B
906 B 151ms
50ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1076392
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwNv21y3qkQmk15ScSNYGazLzFqkBc9zhXLQfQ1sTzM8T17UrzSXluJY9%2BF9%2FeqwpfVskxQwoxoiGoEJpyGB2b0zhbNv5RgQQcfEJdPLidraEp1Oa5ldmq7ovinFOASH8RUnzzUbfLD6PAn0WTm3UMhl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aeabc4837fc-FRA
expires: Tue, 19 Nov 2024 12:19:12 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame F947 2 KB
1 KB 54ms
53ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 373399
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 82f74aea1fcf3835-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Sat, 02 Dec 2023 23:19:04 GMT
expires: Tue, 28 Nov 2023 16:18:07 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGpD7QJjYn%2FgLAjmo8RvQCNCzVbGSAb4nbypZSSrkGhdtEO8XIchok0jhHyCQcfPr782IU0GL0rrCnAslpeLRe6Hk7HCzMgayyxStDbtwGyb3saIRNA0jjLkKtTo8fPd36xdAsE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FB01 0
19 B 83ms
82ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTUm7Z7trZbvSFbmFtOUP_9q-8A6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoEzAFP0Kn1KsQba6GbyGswhTtBH1M8ewlYn5cUJJCaHkpbxSjBY5L0NuaBCShRDJ3Qu1BjF-ZRQxMvsCjtpf11wDvLTG9orNWlGmb3fpOUQKaatiM4twkFmNA391e9jsZ7j1QyiqyhQM5U3TRZrTreQ9dJ7dyBQRe0WteO5tXvxcn2zxLpkFKbM8vAQucVl4D4I5YS95pn26fpQffPS64g5O96E1Z3eOEt5bzT9ojhN7e59GzSnhKhB7Bhs6VabUkShP6LNA2cEcUVGeLHmWGABujNzsr6zsbB1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_-2y4vHxggOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=2GUzRR7IlTY&uach_m=%5BUACH%5D&cid=CAQSKQDICaaN1XvhbgWlPF4SMddvwGFtpRHPue-vWDQ2-Kqc1AMLXn56kDWeGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142907&bpp=162&bdt=191&idt=338&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44798934%2C31078297%2C31079890%2C44807751%2C44806139%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=3717604420102411&tmod=1335754690&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.n5zm4apcpr46&fsb=1&dtd=344
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 02 Dec 2023 23:19:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame FB01 0
39 B 49ms
49ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1he2t9248vcq3k9j5vd6d66stk54y7xqhtyg2eqn6dqkdzfz6dcw7njc83113ch081s39wgey2ne4r8d05ztzkpmmw9d95tpg5z3jvj51akk98deqrrt3de0j6n9zvdpnb79vescybwwfg1t7jm6ygd1s1ba4vgtxw5wwyj5s92zpbxk1kr4t16fe4re4qp7k3wzevw5v9vnfmdy60xxrk89qagh6xdynndmv5j4gft4kwx3jwt5b687zga8nt9b4dapfjstywh8jfe88r57frrdvkqpphs2v89p1xc7eg1p8vt4akgh19j86g386p9f0g5dj7yw5w4ddafwbqntkvtqvww4dtgknv9myw5syemrrsexr3rvrgm6vp5fhjg4berjw9r2rr&b=ZWu7ZwAFaTsGrQK5AA-tf0J_9iJzLR53Z67B7Q&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559142907&bpp=162&bdt=191&idt=338&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44798934%2C31078297%2C31079890%2C44807751%2C44806139%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=3717604420102411&tmod=1335754690&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.n5zm4apcpr46&fsb=1&dtd=344
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 02 Dec 2023 23:19:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F4C3 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsss9HL0Zo59mkaUsNQx3e-zPBumCb-b7OOVvmlgq1_Woy8WEh6FCC5C2Fv6klAa_rOJ9WqHrkhGiO8Gm6qos5LSwwVjAWescJ6LXdGH_W70j3ak8CRpPSAAnHutAUWkuosj8vw0PZ0A5SX4l1g3wjw32KBveiJ66GL86OEkyvw9-rRjkOW8hea7q8NrjdpobxWKirLE-oosS4PLNxRbk2p8I8uzzSviLFAKi72pwrdlw0uA12CIXR6W3HcvtRlP_fcCDoHdsjXwP6BYv-ACr7-tFbWk3mv7v7XDnDLsk7V4hIbOy0beOom41XQBxPIe4spwDCFHIOnpwqshxMBvpY1fygQ0HzYIXo_0bCwQQmLKWdGT_dxQEQBTT3ig-14pCrkWNwhy1A&sai=AMfl-YT_0CkyzODgQvJgPUPesqpVSf1fHMno3Mde_9EWx7aoykqc4zQGSMSyYpUIo7gpe7Vfb5EznAcVITlYZLp_SXjvM2sclqb1fg&sig=Cg0ArKJSzHxcr22F_OoIEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 23:19:04 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F4C3 16 KB
12 KB 86ms
86ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da417a381f467258e65108a61a8186a38491a510eead850b78024891a68b779e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12348
x-xss-protection: 0

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 3AAE 2 KB
1 KB 49ms
49ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 373399
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 82f74aea4ff53835-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Sat, 02 Dec 2023 23:19:04 GMT
expires: Tue, 28 Nov 2023 16:18:07 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YrtU5y4g5ZdsfTmYiH%2BTpa5z89dPmHg2K%2BJHyZoYxlN905tgaWLVryjYhfHHZINQMKC0dLUy3tO3ayzSuJ0MXAXzNaRP%2FLreNDIi4rAflfl3REKH0zEW5eYEqdGLBz8SZ067b2I%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7826 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20709
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:33:55 GMT
expires: Sun, 01 Dec 2024 17:33:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D2AF 829 B
1 KB 50ms
49ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b5efba1b07d5911e5ad0645bce66c621a9799eedf5d917d07491d5cddacfc9d7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-M3R3nWdxugmbcNqZ99hRgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-M3R3nWdxugmbcNqZ99hRgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:04 GMT
expires: Sat, 02 Dec 2023 23:19:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A906 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsve6u1d90HsDa8BzdDXqXrx9vjV3hMoT0ZWBZ3zWD6p7kpm9gFBrb7tdEgeXSauoUeeF7TX9tJzXLpPKCXC7hslM33tRMd6-_iIvAKnddBYshq9ntfcOq-0XroLNy4g0t1HRvOJxi31oXSJa8awC5Bv0vCBzreGyCGmVpWBrbP26yvs_bCEUFQk9EDZglzoEiVDIV2DCAI1NTrmMBokxF3N1oroDNOqOApsXFfOlD36eJC0T20TgDbxVBei7-LHauu60frvQagZj2udAYjVp2Y9DD9D6NpomfEa5swMGeD4ECpPAAK34szjtHJwSU3sLpjR6WfW0xZAR23nQzLeulefKNJYoMW_Lneop8CAX-OdTFHZ_AkS_3zCj7qKvsUTSfPQN9JNVA&sai=AMfl-YTPZAkrw7OntWHrojUlZYvnsH3iVgg5GafgjOXgspmoDvICH0-ZrzY0oU3de791N8HOomkde_IieOzrwkCKiH8Q1cK0wVr9tw&sig=Cg0ArKJSzFB8eOJpQBE_EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 23:19:04 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A906 16 KB
12 KB 87ms
87ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c790e8ac5de15593730a9c3091693cf5fa6c8553ae038684ea8b615bde06a96c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12273
x-xss-protection: 0

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame B05B 2 KB
2 KB 64ms
63ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hgnrm07h08w806gh8vcc2cmjywesctf267q2956cnj344ee2qe2b2qv328x3wbkmgcp14y6qns5f4n7126bakzgj31wdbx3ssk6p850mwgrdr061a6rbgfv38bvtaqyppddzz63cddwqjxv99a2f3bznd1p96t2ydmqjagypqcwakp3827bevjc8bcjbz84dwmb463c5nab9070s23se117b1b18cb38ettktjtx13j5c3qa0dfebxsjk4855fst1a4e0zx9m8phssyz7zw6rw6a4e8w9ef8z39vxp71xtrx5k7pknagb9gaxyvrs6v6b8x7m76ateq97r6f147k8e4x7dan0hw8amj8t1r3ndakt1hvp0wpy3k1m366frventfya3kzy7a41h2p3zw16s1q1qp58srqwpzqcpwwz1n2f93zvtsm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEe9-Z7trZeaIK-iSi9YPneam2AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0EFP72qerL6AIR6PyultlHFvQ0VgPWYjipf3Qv6xvPOGrz280LUAN0gAjlpHJZnyk_q54Exs6vV2DIetnszU6MRbKrirZoA4qFFi3o5dHOZRPl-N2sAer-hB-WzJX1R9Tm-OQioflEPpW0U14edGN3QpZq1zfygMYR8pk0g95Xx814eIjUHODrr53l5MJ9wqtH0hNqGQoDaFz-SCIUfN1KS5-jLSa2N6eGNcduHcU-znCIjS3c3krfmxzgtxTafBkLN3404rQE6q-VW4WDeIgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNClyOLx8YID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3iW9CgNaTBvGiZisECSc5y8_a6jQ%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046725&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143397&bpp=97&bdt=58&idt=201&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079826%2C31078297%2C31079890%2C44807751%2C44806140%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=3811779048352786&tmod=755990261&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7ia8c5vudbih&fsb=1&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50b6aae2885372069c5110eda8288935631fbb0c83bb9df68343e2f6317ce8ec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82f74aea78663835-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:04 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame BCAD 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046725&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143397&bpp=97&bdt=58&idt=201&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079826%2C31078297%2C31079890%2C44807751%2C44806140%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=3811779048352786&tmod=755990261&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7ia8c5vudbih&fsb=1&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:17:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CF9A 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046725&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143397&bpp=97&bdt=58&idt=201&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079826%2C31078297%2C31079890%2C44807751%2C44806140%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=3811779048352786&tmod=755990261&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7ia8c5vudbih&fsb=1&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25254
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Sun, 03 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame BCAD 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046725&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143397&bpp=97&bdt=58&idt=201&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079826%2C31078297%2C31079890%2C44807751%2C44806140%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=3811779048352786&tmod=755990261&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7ia8c5vudbih&fsb=1&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11814
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BCAD 0
0 48ms
47ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnrv9LNNJ-RuwTCuTkopR8NmEFVygKuMgsO-wQ-NbkMwdOjRUsrNpyVKqltR45TP9CxdgoIhRSOCkqm5dPn7UshaIrcg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046725&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143397&bpp=97&bdt=58&idt=201&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079826%2C31078297%2C31079890%2C44807751%2C44806140%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=3811779048352786&tmod=755990261&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7ia8c5vudbih&fsb=1&dtd=206
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BCAD 202 KB
64 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046725&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143397&bpp=97&bdt=58&idt=201&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079826%2C31078297%2C31079890%2C44807751%2C44806140%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=3811779048352786&tmod=755990261&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7ia8c5vudbih&fsb=1&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:19:04 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 105ms
61ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82f74aeacc571d94-FRA
content-length: 24
content-type: text/plain
date: Sat, 02 Dec 2023 23:19:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRfqLr4V9KFM8YOvK509l8OcEVu0tBrrf%2FfuwKXLKH%2B94MxUgzggvo6nTtx%2F1SEMDve0EnpaDdTyRzIe8BRu1gr4IIwc6nEPVZ6vJzpFiXn4Zg5Zjl01r5N80Dy1JPemFK7HZIE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-09x9

POST
H3 200 rs Show response
ad4m.at/ Frame EDB3 1 KB
2 KB 70ms
68ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 168876f723f2006f28e1e0b373136d34111e389719e20f99b3f2e5ef83dd5b5b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7SUNA0s3T2fHHOW0X480hal5RXDpCZiHQ3NCBa%2F20J8bn3Q8LAmKkTDQPcCKbqXn6mvnb8dgwarEA6eq2CF1HpFCxaAgBTF88Emeq%2BZhMntfMas8Tzmo6k9YIGwwD3hzVOukUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 82f74aeb3c9b1d94-FRA
x-backend-server: aa-reachservice-group-europe-west1-09x9
alt-svc: h3=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame 0CD5 1 KB
2 KB 63ms
63ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cd40bdbb0e4055036c8a17a5e3bf90b3824676e4eb49bb143b1ca9f68b1c892

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rIjMZb59hHmJhPdg9rbkd6z8oQbGst1zcLHsFmxpkasxyrn05KGa6WBWVZmlwAAOH%2BZvn%2Fsg26o8pA%2F0%2FSer1IE2wofp229NIUmzoZJl7mfwYITZUJIxtF24wnALtxSoLs%2Bht0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 82f74aeb3c9f1d94-FRA
x-backend-server: aa-reachservice-group-europe-west1-09x9
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 107ms
64ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82f74aeacc591d94-FRA
content-length: 24
content-type: text/plain
date: Sat, 02 Dec 2023 23:19:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oTQzfRWGeoiw9wZGsLxE9sgIB86kxXEQjsiXqytn5%2FLuInhhy13KbRp1iw18vuYBGLD0xWnlcB6IKhynokvHVIB49yc%2BFUiu9iXp1lDy%2F8XnKXvuBYAqUluKLnkJXl6mEg0Q5o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-09x9

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 7826 39 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:12:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 22:12:38 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 4AED 1 KB
1 KB 64ms
62ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b0767ecfaa816e049866faed0ccff201701c6fe037ca84913a6ac418cbb4ab1

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2Rq0amfyr8BwjQaWQFC1LQWTMWUh81NdRbejt9B1KImImKf04%2BnuIuz5L2UXJcOAZeRuCGOGs%2B33D9aPOOfZey6W9Zpr0m21sq62OV36rvfdMAhSeCY9KSIY8YaB%2FEh2NFP3KI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 82f74aeb3c9e1d94-FRA
x-backend-server: aa-reachservice-group-europe-west1-09x9
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 92ms
62ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82f74aeacc581d94-FRA
content-length: 24
content-type: text/plain
date: Sat, 02 Dec 2023 23:19:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q046orVZ558WcNpOSJEOWyEovee8KWlKmM2LoFDXqXx3P7RfKdT%2BblxDjiaUWkiKH9nPOfMYYkG5AvyYp%2BySXrwPUD1dXYwg20nUFBeUXkRwrMNGi4YbHFdtxx8ZZoZhToJclf4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-09x9

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D2AF 0
0 72ms
72ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=1611315753300357&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF9A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA9f4q9seXMqChnsZRW-SbA&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA9f4q9seXMqChnsZRW-SbA&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SVVqbFkzZ2IxUjl6Z2s1&google_gid=CAESEA9f4q9seXMqChnsZRW-SbA&google_cver=1&google_push=AXcoOmRlrKJhKsmSzLfu9BIdK95WmvW120Do_ZSX0erL7Nj...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SVVqbFkzZ2IxUjl6Z2s1&google_gid=CAESEA9f4q9seXMqChnsZRW-SbA&google_cver=1&google_push=AXcoOmRlrKJhKsmSzLfu9BIdK95WmvW120Do_ZSX0erL7NjCETboYfosC8UBA0IG4R8ASQyt8zu6xbevqfi4o53oADvzKK7I3t0rLMBrKldHvdRZAJbsOBpEnAEeqV7vEj-McGiipvShHx8KkVFBCcezCvEP

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046725&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143397&bpp=97&bdt=58&idt=201&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079826%2C31078297%2C31079890%2C44807751%2C44806140%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=3811779048352786&tmod=755990261&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7ia8c5vudbih&fsb=1&dtd=206

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 23:19:04 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SVVqbFkzZ2IxUjl6Z2s1&google_gid=CAESEA9f4q9seXMqChnsZRW-SbA&google_cver=1&google_push=AXcoOmRlrKJhKsmSzLfu9BIdK95WmvW120Do_ZSX0erL7NjCETboYfosC8UBA0IG4R8ASQyt8zu6xbevqfi4o53oADvzKK7I3t0rLMBrKldHvdRZAJbsOBpEnAEeqV7vEj-McGiipvShHx8KkVFBCcezCvEP
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame CF9A 43 B
363 B 134ms
42ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT5m7vbLp_Ae4YK86TFhKxfidCNqLmc5o_lNUkSIuay-rigB_NgTOQVBrOJFgwBKIP3G5rE4BMJJ1PTwqc9XSfUioDyhOo_4YyhZdZPxEOFqncjUussBox_aI7Yw6pzk-xfSQSCUtW3vUbaNxSSF8aT&google_gid=CAESEAF4L8hsVOBoeVTQUh4vi_M&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046725&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143397&bpp=97&bdt=58&idt=201&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079826%2C31078297%2C31079890%2C44807751%2C44806140%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=3811779048352786&tmod=755990261&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7ia8c5vudbih&fsb=1&dtd=206

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 176651
expires: Sat, 02 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF9A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEILuFLbs5CqIULAC9ceYLYQ&google_cver=1&google_push=AXcoOmRu7WW2BIS4kHWsYzMFO9RpBtCz5jeiIbsjmYtlHeyz3gQDFX44yaNsgjRnliPifIr2iKYf0kci...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg0Nzg3NzEyNTkwMTg4MjA1MA&google_push=AXcoOmRu7WW2BIS4kHWsYzMFO9RpBtCz5jeiIbsjmYtlHeyz3gQDFX44yaNsgjRnliPifIr2iKYf0k...

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg0Nzg3NzEyNTkwMTg4MjA1MA&google_push=AXcoOmRu7WW2BIS4kHWsYzMFO9RpBtCz5jeiIbsjmYtlHeyz3gQDFX44yaNsgjRnliPifIr2iKYf0kcizm1dIB2fhJE7R7cy5Q2xPDazJwx1G3Nnt1NwyQ6XpYwvN5AwS_ZDgAP6PXpJvLF1pXbd40jwGfd9

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046725&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143397&bpp=97&bdt=58&idt=201&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079826%2C31078297%2C31079890%2C44807751%2C44806140%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=3811779048352786&tmod=755990261&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7ia8c5vudbih&fsb=1&dtd=206

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg0Nzg3NzEyNTkwMTg4MjA1MA&google_push=AXcoOmRu7WW2BIS4kHWsYzMFO9RpBtCz5jeiIbsjmYtlHeyz3gQDFX44yaNsgjRnliPifIr2iKYf0kcizm1dIB2fhJE7R7cy5Q2xPDazJwx1G3Nnt1NwyQ6XpYwvN5AwS_ZDgAP6PXpJvLF1pXbd40jwGfd9
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame CF9A 43 B
94 B 48ms
46ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIvd5VloattkfOb5QidCWb0&google_cver=1&google_push=AXcoOmROMiqOaAWMOe8UpR6YOkRBcdofRuldC5y44VOdPi7t8P9XABEuhfNHLJAHO2ZxGUEMu_GF8gdjiYiZjSE2dQuLjkXWloKPi0RxlG6-yClaVvYusokUQio2Ins1M2r_rK_lpshCGFz-8c2aXA3H2jrb
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046725&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143397&bpp=97&bdt=58&idt=201&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079826%2C31078297%2C31079890%2C44807751%2C44806140%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=3811779048352786&tmod=755990261&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7ia8c5vudbih&fsb=1&dtd=206
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame CF9A 0
166 B 133ms
41ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOK5fxjs7KmBg3k1u-37iR0&google_cver=1&google_push=AXcoOmRFfUfYqhhr56X3SZeTf_U7ER7vjUAL7Wou8ULhIkwsvxH7JkIOYiHcVdyJp91wQHRv4JDsic_8MVGqmeId9NXQIchN9GvODn7Uq0lVk5X43rIiS3EgBtxt22cTvCKFJbmiBV00c3-cxg8SKXmZKGH_
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046725&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143397&bpp=97&bdt=58&idt=201&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079826%2C31078297%2C31079890%2C44807751%2C44806140%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=3811779048352786&tmod=755990261&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7ia8c5vudbih&fsb=1&dtd=206
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sat, 02 Dec 2023 23:19:03 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF9A
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
https://sync.targeting.unrulymedia.com/csync/RX-f6eb8de4-9b5e-4ae2-83f6-4bf6603d075a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRhmtuZzF3KMdd6_uSsq...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRhmtuZzF3KMdd6_uSsqlAOOEPv8Ew0PXqUFYMmMVPv3oROKHjaDoa6qREQXXGY4-ZAzIDsXwfivOkB0k45NX9Jf5gb0DVZAYlBqJHSEn9MtghUeNQ-SzdY6VniIqrBD2D9...

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRhmtuZzF3KMdd6_uSsqlAOOEPv8Ew0PXqUFYMmMVPv3oROKHjaDoa6qREQXXGY4-ZAzIDsXwfivOkB0k45NX9Jf5gb0DVZAYlBqJHSEn9MtghUeNQ-SzdY6VniIqrBD2D9VmLZRXGOWmCBF7nprGdE&google_hm=A_brjeSbXkrig_ZL9mA9B1o

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046725&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143397&bpp=97&bdt=58&idt=201&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079826%2C31078297%2C31079890%2C44807751%2C44806140%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=3811779048352786&tmod=755990261&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7ia8c5vudbih&fsb=1&dtd=206

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRhmtuZzF3KMdd6_uSsqlAOOEPv8Ew0PXqUFYMmMVPv3oROKHjaDoa6qREQXXGY4-ZAzIDsXwfivOkB0k45NX9Jf5gb0DVZAYlBqJHSEn9MtghUeNQ-SzdY6VniIqrBD2D9VmLZRXGOWmCBF7nprGdE&google_hm=A_brjeSbXkrig_ZL9mA9B1o
date: Sat, 02 Dec 2023 23:19:04 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXf6eb8de49b5e4ae283f64bf6603d075a003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF9A
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEClhvID20XmmpbKxIChl9OI&google_cver=1&google_push=AXcoOmSk7nUS6PAeOQ5702qIMPj3oZJ37yWbMLDKbreGmUpkzB9cJft5XPONVy_srR...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSk7nUS6PAeOQ5702qIMPj3oZJ37yWbMLDKbreGmUpkzB9cJft5XPONVy_srR_MYvoCJ6QHrV2yqSZsL9QtJ-8NV8omrhbMoS5C-I5UBf5_Hj...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSk7nUS6PAeOQ5702qIMPj3oZJ37yWbMLDKbreGmUpkzB9cJft5XPONVy_srR_MYvoCJ6QHrV2yqSZsL9QtJ-8NV8omrhbMoS5C-I5UBf5_HjxFNO_ML3vHeYOeWSu4pwVHtyRR3wL-a_fY__usSQhggQ&google_hm=YPS4L09pQFWzGHM8eYm_DGw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046725&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143397&bpp=97&bdt=58&idt=201&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079826%2C31078297%2C31079890%2C44807751%2C44806140%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=3811779048352786&tmod=755990261&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7ia8c5vudbih&fsb=1&dtd=206

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:03 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSk7nUS6PAeOQ5702qIMPj3oZJ37yWbMLDKbreGmUpkzB9cJft5XPONVy_srR_MYvoCJ6QHrV2yqSZsL9QtJ-8NV8omrhbMoS5C-I5UBf5_HjxFNO_ML3vHeYOeWSu4pwVHtyRR3wL-a_fY__usSQhggQ&google_hm=YPS4L09pQFWzGHM8eYm_DGw
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CF9A 0
12 B 47ms
46ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JlD58C6nvig_H1T5kHFRAA3404e-32ZQlSYnp9ikQbc7DMCn3b8FBhPI6PCt_E6Ybju9v3yQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046725&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143397&bpp=97&bdt=58&idt=201&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079826%2C31078297%2C31079890%2C44807751%2C44806140%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=3811779048352786&tmod=755990261&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7ia8c5vudbih&fsb=1&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6B2B 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbU9gPJ8slPHT_kuLPg_MYDyYs2YWseKTewd8ROS_w5htU1G4uTUzLihP38fLHFLCCbzOXEHEoeDF6qtx5NGMgOy92pXcKKY1v7Fd0Q3e1KVU_S-HfspXumrfRDJ8tk7hkwjsEgDnjtu_bdyDjL1JEv_uxVBb50KNDSw0XrtxZp-xp9OFx1IsKBesDrxMd-LQQ2AVvu9gE885jQYl0v13zJUp66Q1gPw4fn-MjohKkFNnqGqYO7Z-55KgKMvwvWYm1BockQcK06w47-onpZzbWWR77MejchW6WPj214u0D4nJ-GhdGlf7EHChkH8ovpIVgu9oge7oWD9uoYZR__YQcY1excVL6TQEPUtDP8fgpiyTRobeBcL-qYyZ-DaMAD-xB1D74MQ&sai=AMfl-YRJ3qFvTt1y_3nIGXNE4c7hfGGlFjmp9rZ11StXwMq4oVUnoEqTNGu1LVTnPzAIPumU3j5tntVRjQa4NpWBVf1QBxJlA7Bmdw&sig=Cg0ArKJSzERFXnzIN7mBEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 23:19:04 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6B2B 16 KB
12 KB 85ms
85ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

825c379a082d78fd191f1bfc563c9d02359c8789bc4af89437d50b82c8b2f901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12303
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F4C3 17 KB
6 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 23:19:04 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame B05B 115 KB
14 KB 49ms
49ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hgnrm07h08w806gh8vcc2cmjywesctf267q2956cnj344ee2qe2b2qv328x3wbkmgcp14y6qns5f4n7126bakzgj31wdbx3ssk6p850mwgrdr061a6rbgfv38bvtaqyppddzz63cddwqjxv99a2f3bznd1p96t2ydmqjagypqcwakp3827bevjc8bcjbz84dwmb463c5nab9070s23se117b1b18cb38ettktjtx13j5c3qa0dfebxsjk4855fst1a4e0zx9m8phssyz7zw6rw6a4e8w9ef8z39vxp71xtrx5k7pknagb9gaxyvrs6v6b8x7m76ateq97r6f147k8e4x7dan0hw8amj8t1r3ndakt1hvp0wpy3k1m366frventfya3kzy7a41h2p3zw16s1q1qp58srqwpzqcpwwz1n2f93zvtsm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEe9-Z7trZeaIK-iSi9YPneam2AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0EFP72qerL6AIR6PyultlHFvQ0VgPWYjipf3Qv6xvPOGrz280LUAN0gAjlpHJZnyk_q54Exs6vV2DIetnszU6MRbKrirZoA4qFFi3o5dHOZRPl-N2sAer-hB-WzJX1R9Tm-OQioflEPpW0U14edGN3QpZq1zfygMYR8pk0g95Xx814eIjUHODrr53l5MJ9wqtH0hNqGQoDaFz-SCIUfN1KS5-jLSa2N6eGNcduHcU-znCIjS3c3krfmxzgtxTafBkLN3404rQE6q-VW4WDeIgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNClyOLx8YID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3iW9CgNaTBvGiZisECSc5y8_a6jQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hgnrm07h08w806gh8vcc2cmjywesctf267q2956cnj344ee2qe2b2qv328x3wbkmgcp14y6qns5f4n7126bakzgj31wdbx3ssk6p850mwgrdr061a6rbgfv38bvtaqyppddzz63cddwqjxv99a2f3bznd1p96t2ydmqjagypqcwakp3827bevjc8bcjbz84dwmb463c5nab9070s23se117b1b18cb38ettktjtx13j5c3qa0dfebxsjk4855fst1a4e0zx9m8phssyz7zw6rw6a4e8w9ef8z39vxp71xtrx5k7pknagb9gaxyvrs6v6b8x7m76ateq97r6f147k8e4x7dan0hw8amj8t1r3ndakt1hvp0wpy3k1m366frventfya3kzy7a41h2p3zw16s1q1qp58srqwpzqcpwwz1n2f93zvtsm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEe9-Z7trZeaIK-iSi9YPneam2AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0EFP72qerL6AIR6PyultlHFvQ0VgPWYjipf3Qv6xvPOGrz280LUAN0gAjlpHJZnyk_q54Exs6vV2DIetnszU6MRbKrirZoA4qFFi3o5dHOZRPl-N2sAer-hB-WzJX1R9Tm-OQioflEPpW0U14edGN3QpZq1zfygMYR8pk0g95Xx814eIjUHODrr53l5MJ9wqtH0hNqGQoDaFz-SCIUfN1KS5-jLSa2N6eGNcduHcU-znCIjS3c3krfmxzgtxTafBkLN3404rQE6q-VW4WDeIgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNClyOLx8YID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3iW9CgNaTBvGiZisECSc5y8_a6jQ%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1700261
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FiN1ridfyFho9g12g3aB4Ql1tFMUcBaiHz%2BNt%2BOXdHvaMaNGQnzD3lAPL9ql%2FVeHH9aoEKXSKOGJDS0SlhqiAatC%2BqfUh%2FavXIyXiKn1lT7At8iu4JgbmvNSLoQOb7mX0mLToTcJaE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 82f74aeae8ab3835-FRA
expires: Sun, 03 Dec 2023 23:19:04 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame B05B 24 KB
10 KB 87ms
87ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hgnrm07h08w806gh8vcc2cmjywesctf267q2956cnj344ee2qe2b2qv328x3wbkmgcp14y6qns5f4n7126bakzgj31wdbx3ssk6p850mwgrdr061a6rbgfv38bvtaqyppddzz63cddwqjxv99a2f3bznd1p96t2ydmqjagypqcwakp3827bevjc8bcjbz84dwmb463c5nab9070s23se117b1b18cb38ettktjtx13j5c3qa0dfebxsjk4855fst1a4e0zx9m8phssyz7zw6rw6a4e8w9ef8z39vxp71xtrx5k7pknagb9gaxyvrs6v6b8x7m76ateq97r6f147k8e4x7dan0hw8amj8t1r3ndakt1hvp0wpy3k1m366frventfya3kzy7a41h2p3zw16s1q1qp58srqwpzqcpwwz1n2f93zvtsm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEe9-Z7trZeaIK-iSi9YPneam2AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0EFP72qerL6AIR6PyultlHFvQ0VgPWYjipf3Qv6xvPOGrz280LUAN0gAjlpHJZnyk_q54Exs6vV2DIetnszU6MRbKrirZoA4qFFi3o5dHOZRPl-N2sAer-hB-WzJX1R9Tm-OQioflEPpW0U14edGN3QpZq1zfygMYR8pk0g95Xx814eIjUHODrr53l5MJ9wqtH0hNqGQoDaFz-SCIUfN1KS5-jLSa2N6eGNcduHcU-znCIjS3c3krfmxzgtxTafBkLN3404rQE6q-VW4WDeIgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNClyOLx8YID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3iW9CgNaTBvGiZisECSc5y8_a6jQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 309857
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWpPGxhfcDjdH38V97oeXFWTDcJne%2FxqreQak8EviyGM7tOIkq%2BHeJ%2BDuLrJ18mLm1Ptgm8AsCTDzx2XfHyHA3D59SqNn0Oe8ij50Y1Oa%2FX%2F0qZJvPaCh4NRcJhLOJoF6aEAgPo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 82f74aeae8ad3835-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 29 Nov 2023 09:14:47 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4F21 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-ovMHaeyptCwNzb5lnOP7wqW6LDSrkUaPFp8xreqxkXXfEihHphmgUyR3ob7sjoHjs7QnWM6LNJdIOyr-Fz_CF_eYAoDpit04wh-dNsPaoifSTCwOhazzBDKf-UprhsqP56vk6PDV055mRCu3FR6-cSrt5QqGDZriy3vjANbGum-qh6BApGwSVK16dF-xvOD1rYTNJr1ioj3_lx-EFx-QO9PbkHBpdw3n7PFHlTWIXLdkF6BTnBt3OKI5_lANE3pqW8wlKiojnoMArPWAlDcdGwYGGn9TET_sXMtGsZa-5tIyjYNXXbGICzrYS0Ve527Ivpk6g6JaaAy6Fbq37a6fj1JsREz2vgBrVUxFymczSFBUo-88Ta81SFH8_P8iOmzVGf-v4rM&sai=AMfl-YSlp2Mh3qugJhH1dZxtB4hPl-Revyvkxjr-pfsNjv2riBar7Z6ZG45d-Hs6QKqYDGI7bX48wFh_adC8wEZfynHM3fEq1XsuNQ&sig=Cg0ArKJSzAcr1jo-FzaREAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 23:19:04 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4F21 16 KB
12 KB 86ms
85ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f089f23d41f2b728fdfa5a8ada3628247b320a341de7fb84a6a30e64d9c2af4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12382
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A906 17 KB
6 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 23:19:04 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7826 0
11 B 38ms
38ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AT9KjQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 40A7 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20709
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:33:55 GMT
expires: Sun, 01 Dec 2024 17:33:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8B0A 829 B
559 B 51ms
49ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a6896ba54c1af3274a4d5a84945c83892c985c2b417e82465c331a24dbb9afc3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BuzZS6LNa3a__bHwwdedEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-BuzZS6LNa3a__bHwwdedEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:04 GMT
expires: Sat, 02 Dec 2023 23:19:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6B2B 17 KB
6 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 23:19:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BCAD 0
19 B 83ms
83ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6MsKZ7trZeaIK-iSi9YPneam2AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoEzQFP0EFP72qerL6AIR6PyultlHFvQ0VgPWYjipf3Qv6xvPOGrz280LUAN0gAjlpHJZnyk_q54Exs6vV2DIetnszU6MRbKrirZoA4qFFi3o5dHOZRPl-N2sAer-hB-WzJX1R9Tm-OQioflEPpW0U14edGN3QpZq1zfygMYR8pk0g95Xx814eIjUHODrr53l5MJ9wqtH0hNqGQoDaFz-SCIUfN1KS5-jLSayF4WfGLj2acm2uvnlKbTz_dufMcxCVpkCcD2SGPd1AHWJt2ZhVwgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNClyOLx8YIDgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=A8LW0TiwvAo&uach_m=%5BUACH%5D&cid=CAQSKQDICaaN-0Z7M0E5a5YAt5Ix81XRMNGjhVZsd1LRXprZmLCsOFU14RQTGAE&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046725&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143397&bpp=97&bdt=58&idt=201&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079826%2C31078297%2C31079890%2C44807751%2C44806140%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=3811779048352786&tmod=755990261&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7ia8c5vudbih&fsb=1&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046725&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143397&bpp=97&bdt=58&idt=201&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079826%2C31078297%2C31079890%2C44807751%2C44806140%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=3811779048352786&tmod=755990261&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7ia8c5vudbih&fsb=1&dtd=206
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 02 Dec 2023 23:19:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame BCAD 0
11 B 49ms
49ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hgdv2zs0a4dhch7fdpnshc61v6dqd4yetq4gdseadcbq5jaqbnp5nhg3zkknq6jbh6tz5s7qdh3s5cxd93xpytrbxqzc10mtt63t9pzpwmj8hhfkekb54npsbry4p4pcp3zja94t9tfjdpsnwfqfxg7cj2c4dm8sggqrpdbh09p1qb0vzmqn595fqen417hzqqzckrbxzn59zwmyybxy4cph0h7993wdd1vexng0bv0v6gbep0b9armvz1dysq4qesy277s2cq0exa7q6r59q775ryvx4yztw4ccpzh01aszbxvg0ma1wrgxjndy4w8jf3mpw2xns9nzfjetg6mc1w5rvj6835kfqgqtfjffkqh8pf8sx2jbpqtddazqnmajrbhcr6018&b=ZWu7ZwAKxGYEwsloAAmzHReZFH3IFykDBov4mA&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046725&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701559143397&bpp=97&bdt=58&idt=201&shv=r20231129&mjsv=m202311300101&ptt=5&saldr=sd&is_amp=1&correlator=9714&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1766628731&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079826%2C31078297%2C31079890%2C44807751%2C44806140%2C44807763%2C44808149%2C44808285%2C44809071&oid=2&pvsid=3811779048352786&tmod=755990261&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.7ia8c5vudbih&fsb=1&dtd=206
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 02 Dec 2023 23:19:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 40A7 39 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:12:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 22:12:38 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 4BCF 2 KB
1 KB 50ms
50ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 373399
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 82f74aeb99303835-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Sat, 02 Dec 2023 23:19:04 GMT
expires: Tue, 28 Nov 2023 16:18:07 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76av2PdWNwgybZsLPLmyZNqUSnVdNCfyn71OdnMMDsvna4j0HDiXal2bgWwWtLhcF%2Bzih%2FJfmTrD9g5Dv%2FSPn4gJlQ6wUpGuMRfZnb1r3eRhq34cYCK25r1CQADRfNTUWTnB94U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8B0A 0
0 73ms
73ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=3711935980509958&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame CEE3 3 KB
3 KB 62ms
60ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14019&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1&c=320&d=50&e=&g=ad1936446b47467edb51da9d44b221dc%2F9948689235261172637&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0tqkx66gqpsjbdnxx88tv2wawpf6tr73xvh7181gazqmbmp1er7k11qh9tbnqkpym8anh801f18x06rr7vsgge5gqhdjwm0racg5604jgkng66ssd0d39fvz9k2xf5jkwbp9rhjx50emfpr17eqhxzbd65v9b0tnmnthhjjny05megkc6jsj0tmha72hajpyqb5d16syjwpdra8qqz8s0gfnzqg4dp59anarxa48a1j5sbf5ragx85y2649zej8rwrjxjvhaapsrehpq10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtJOfZ7trZbvSFbmFtOUP_9q-8A6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoEzwFP0Kn1KsQba6GbyGswhTtBH1M8ewlYn5cUJJCaHkpbxSjBY5L0NuaBCShRDJ3Qu1BjF-ZRQxMvsCjtpf11wDvLTG9orNWlGmb3fpOUQKaatiM4twkFmNA391e9jsZ7j1QyiqyhQM5U3TRZrTreQ9dJ7dyBQRe0WteO5tXvxcn2zxLpkFKbM8vAQucVl4D4I5YS95pn26fpQffPS64g5O96E1Z3eOEtp77yZF8YsPdxcyRERFsz9Yl1uQhQQ1HPBDzCpvUID-kNzD5Y2alLi_-ABujNzsr6zsbB1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_-2y4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Z2ZkIfbNgGVxADpBAsi3Giz-31A%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f58a14106e5a98c3911fcb15d18e78a1c96c388ad010b3116dc543394f5e994b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h0hbpcqrbt66k1bc51x9fz9dp5ppkgrpg9es9w5hkc4qn9trh6jan9pk2r4m7f72qsexx7hcqjvjmrcnxq8wnnwykvbwx3ha6ny4kxkan7crmdhfx36cbhxyje6e1j2hjv24d2x2845ysmr2z3z1wenxy5ckf2ws1chcy8019ry3p90849dnc41v4b95beeea4hz6tsk3jekrg2e0epky0jq6q4q061tgvg24ecve5hyybvnkccvwm91tsz91x679tqvwd1yvpvgzewtaj59yp43w6nmf74gyke66nvmdr3vx4z9wf0e50tek602fb2x9nhr4zz765g6xv2fvg8weda1p00w10p7qyymp6grft5mpn3yvkm5cqh2dthrkfrd4bjyv92x1enspbvpvxnhg5gf26a2jgnrqk400td1jc32g0p&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtJOfZ7trZbvSFbmFtOUP_9q-8A6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoEzwFP0Kn1KsQba6GbyGswhTtBH1M8ewlYn5cUJJCaHkpbxSjBY5L0NuaBCShRDJ3Qu1BjF-ZRQxMvsCjtpf11wDvLTG9orNWlGmb3fpOUQKaatiM4twkFmNA391e9jsZ7j1QyiqyhQM5U3TRZrTreQ9dJ7dyBQRe0WteO5tXvxcn2zxLpkFKbM8vAQucVl4D4I5YS95pn26fpQffPS64g5O96E1Z3eOEtp77yZF8YsPdxcyRERFsz9Yl1uQhQQ1HPBDzCpvUID-kNzD5Y2alLi_-ABujNzsr6zsbB1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_-2y4vHxggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Z2ZkIfbNgGVxADpBAsi3Giz-31A%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82f74aeba9393835-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:04 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 9287 11 KB
5 KB 62ms
61ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=192347%2C59372%2C177100&b=r2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1p%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2Cm3AsefGfWYXGSmHZHZtztkDerhKSwTX8AfbJ&f=PxefBfbfbjWET9HjHbtgCPPxuJS9TPM7FjP%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C7QZTqfzfjA53urHXHgtECB6RZT4S1Tr9ZuE9&c=800&d=250&e=&g=f56c69a5db7ae8e11c249c9e42674a3e%2F3085461200531240674&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g4f2p3z7x9pc6fvfetcvvxyqgf7gkpzfyt22cca8tt8wy5svga5vsjfv65pd2dbb492jaemkqnhqapa87qmesym75dtpgx5t7fm38h6jwd329mxrj0fqk6c8gfq549edfdg1pdhb878r4m1v1w9f2jh6ft3j5myw87cfnat86583pnhmvsywhbh6cehzzg4ez11zxpt5bt6c55eg4g13c4k30k095rv2tntp897b4ncc2x8ycz9r76cs8dh8b8ndn847cbxjtca2baf6h90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06c08a7cdf90dd1c79cc48740e89336f20fecf6938d3cc254de7f6c7f3dda7f6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gqrnczy34zvqhz0m3hf0fe1x790ehertarbdhtygk34rnacsp2ehh93z2hryqepqg8twakt58sn1zw3je28x1e9a3r9y000y8r6fmvvebgvxp4f3hezp3r1ez59fq11w4c51tvqq2yz7pd83pjfmbqvtwffdvn3mnawmq4r9getqzcfnhephx9zw5kybg2j66k9g6cz83qy3ypnzacdacwhxkarwd4nrga9ncv89qewhg598n4v6wjb9a9fvzyh3fca13rj6gan4dfa51qp95d8a013t5xxp5t49v2bcderfwsjqbz7rn872csw1rxh5hhvtbyhfsw461gddtc3w9nbzedyq8wjrf31y6bq1nq3mmf013tczv7mew670sn3hzza6x0sk65d0f4c10md8t7fznqmddq2wn3ev6eb1j2pr1tevr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82f74aeba93a3835-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:04 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame ECE0 9 KB
4 KB 60ms
60ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14019%2C195016%2C15579&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2Cprmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2CJBeszf5fx45tBH6H7tqCQBGCxSgTbWguA8&c=120&d=600&e=&g=645b64a49109ca8b54309822e224628a%2F9283818897659249592&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7zkrhh1syec0a00ww6e3hqeqd5pkc9a3tphd751qkvba1jqz8500ecsmh3fmj68rqmex9mftxt8pan8gjet18rd17j1652eppw1qj77p19sfb3805b8y4bb9ftws9vwsesj76yzjkdcwpfgda4y1q4x8kxz0am2hev71k8apy3dkyjx5jmv51zd5cmrkqjwth2g37vax147v4hk3bx5ws0razk16f18v0728965tmp5pfj2qtv8gzeh9jdk372cfeerhnq49k7p4xk45vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCazicZ7trZbr4EpzrtOUPgMiDyAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0FW3D9xM-s2Ct5zI_h4wP8scXjHjDQcF1KpNXW9UwQ7sh2bSPgpmyY608ZURwbDnxOYzBSb8eXsy-3BOJMuCeAJij7BRpR73heug7jVtt8gsvXEiXg0CyGeWVJ5trixyZl5LMjQsTYJxKmcuaz4g9irbuJY-IWg9gpX7RQw5dOP6Dp1s1xgX_nWfqfV_lFEqRV4pDYIRc1_BPSsysRMVRa6n5UU4HlPJWo8n2l8EUrUy-9Sn6K_CU0AWIBAny3qJww4wjlqUI-o0w80lur9RgAap58eU-_CJh88BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKScsOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1coacMCw2vZGHB88j-gK1ccKzFig%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abded813102ed02d99802cab90f1bb9c5dc6c7b1267a341ce1403f9681a43654

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kq2qxsczqcf49njxkm9bj57r3j5py9jb6e9tyz5r89d1wjtwe3js14pvwvkj5pe6h3d9wwmmjevqh0sj1wh87wdy7faaw8c7bj2kh4hv8sjnpz7q6tfagwxm97xvty53v4hvnqn3a50zn3cpc11sdtmabndakbcnm37zbvxfxhz911yajgbrprmhvc772qc035jffkmpjx5nbgf2z3zhw9awz6mz95tzxbz574y3kbxd99m2ryajpbjk6hxeaxxt410a4631favbkhd3vrzadhh3mnamat3efx8tjjmbgbgwk4r9sy9c5syt2hvysnpwx9v7brzyrwy0x080fdz9rrprx40f8rp72nzsg666nt5a93b2wtwd2q57v25qa2fsbayz54nj26nhr81w7jt0f8znzd4xpt8mcgw4s8t0685c6gaz4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCazicZ7trZbr4EpzrtOUPgMiDyAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0FW3D9xM-s2Ct5zI_h4wP8scXjHjDQcF1KpNXW9UwQ7sh2bSPgpmyY608ZURwbDnxOYzBSb8eXsy-3BOJMuCeAJij7BRpR73heug7jVtt8gsvXEiXg0CyGeWVJ5trixyZl5LMjQsTYJxKmcuaz4g9irbuJY-IWg9gpX7RQw5dOP6Dp1s1xgX_nWfqfV_lFEqRV4pDYIRc1_BPSsysRMVRa6n5UU4HlPJWo8n2l8EUrUy-9Sn6K_CU0AWIBAny3qJww4wjlqUI-o0w80lur9RgAap58eU-_CJh88BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKScsOLx8YID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1coacMCw2vZGHB88j-gK1ccKzFig%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82f74aeba93c3835-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:04 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4F21 17 KB
6 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 23:19:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0C74 13 KB
5 KB 40ms
40ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20709
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:33:55 GMT
expires: Sun, 01 Dec 2024 17:33:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0656 829 B
561 B 49ms
49ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

843b750d76e003270f4ecdb08283c6d52aa9c663cb0c122ad3bd617bb2193ba4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WRIqEWX50uNuG6tCYcHixw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WRIqEWX50uNuG6tCYcHixw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:04 GMT
expires: Sat, 02 Dec 2023 23:19:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6EC6 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20709
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:33:55 GMT
expires: Sun, 01 Dec 2024 17:33:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3B55 829 B
559 B 49ms
49ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

046b0a10ca2bb0fe0efd630ceba60b517cbd15b7a1ecc9b071c2cb9fd881acb4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T-H6h79bzsIH13d17o628A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-T-H6h79bzsIH13d17o628A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:04 GMT
expires: Sat, 02 Dec 2023 23:19:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F0C4 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPYIK0jflwzmhEJwqySwln5QrcsMTX1DHcK4TZKd0jRi74LwUB7l64HhWSZdKi0zGG35yZxZGfA5DqE2ehtTi7K7imTo-wvWWbi_SGqi39655-XUelHWTb_lp6ody4HHJGzMf3OKLD9HMT2Y63WHN-xEH3eUeoISce-Eh-zpRAXxx6amh9EmCXGFgAG5Kl21czfK-wkGN2Xsyp1H8CbeiKDCuHPMEiLksG_6fbXzwgKu_2J78OBAMafhjkTG5ahZ3LMPy2tad3X3nWZZvh_GuOzdKA76ndArfXjabhv1U21d_RUGlYANrR8l8nKe612-9GMcT9UBXx8k2EiisY967TVCS5IkIKcfYu2Ywtv40ZzEPiaae-AztoAD0TkjOqdAqem_mSZg&sai=AMfl-YR8Tn65q0KmFxhixz2FDnwd1MpM1JB6Q4MI0wVYvVrWuz5pEfHcfzDcLZCF9vRXLFrkpZmMsV2qBMUzlpPCbf-4kw5gQbC7zQ&sig=Cg0ArKJSzIjRqGV39RoyEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 23:19:04 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F0C4 16 KB
12 KB 87ms
86ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bba58c1b453f7229202a9de09db87f09e5d2061d93e5b07c9c2d6534f571fe71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12086
x-xss-protection: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame CEE3 115 KB
14 KB 50ms
50ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1&c=320&d=50&e=&g=ad1936446b47467edb51da9d44b221dc%2F9948689235261172637&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0tqkx66gqpsjbdnxx88tv2wawpf6tr73xvh7181gazqmbmp1er7k11qh9tbnqkpym8anh801f18x06rr7vsgge5gqhdjwm0racg5604jgkng66ssd0d39fvz9k2xf5jkwbp9rhjx50emfpr17eqhxzbd65v9b0tnmnthhjjny05megkc6jsj0tmha72hajpyqb5d16syjwpdra8qqz8s0gfnzqg4dp59anarxa48a1j5sbf5ragx85y2649zej8rwrjxjvhaapsrehpq10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtJOfZ7trZbvSFbmFtOUP_9q-8A6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoEzwFP0Kn1KsQba6GbyGswhTtBH1M8ewlYn5cUJJCaHkpbxSjBY5L0NuaBCShRDJ3Qu1BjF-ZRQxMvsCjtpf11wDvLTG9orNWlGmb3fpOUQKaatiM4twkFmNA391e9jsZ7j1QyiqyhQM5U3TRZrTreQ9dJ7dyBQRe0WteO5tXvxcn2zxLpkFKbM8vAQucVl4D4I5YS95pn26fpQffPS64g5O96E1Z3eOEtp77yZF8YsPdxcyRERFsz9Yl1uQhQQ1HPBDzCpvUID-kNzD5Y2alLi_-ABujNzsr6zsbB1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_-2y4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Z2ZkIfbNgGVxADpBAsi3Giz-31A%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14019&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1&c=320&d=50&e=&g=ad1936446b47467edb51da9d44b221dc%2F9948689235261172637&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0tqkx66gqpsjbdnxx88tv2wawpf6tr73xvh7181gazqmbmp1er7k11qh9tbnqkpym8anh801f18x06rr7vsgge5gqhdjwm0racg5604jgkng66ssd0d39fvz9k2xf5jkwbp9rhjx50emfpr17eqhxzbd65v9b0tnmnthhjjny05megkc6jsj0tmha72hajpyqb5d16syjwpdra8qqz8s0gfnzqg4dp59anarxa48a1j5sbf5ragx85y2649zej8rwrjxjvhaapsrehpq10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtJOfZ7trZbvSFbmFtOUP_9q-8A6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoEzwFP0Kn1KsQba6GbyGswhTtBH1M8ewlYn5cUJJCaHkpbxSjBY5L0NuaBCShRDJ3Qu1BjF-ZRQxMvsCjtpf11wDvLTG9orNWlGmb3fpOUQKaatiM4twkFmNA391e9jsZ7j1QyiqyhQM5U3TRZrTreQ9dJ7dyBQRe0WteO5tXvxcn2zxLpkFKbM8vAQucVl4D4I5YS95pn26fpQffPS64g5O96E1Z3eOEtp77yZF8YsPdxcyRERFsz9Yl1uQhQQ1HPBDzCpvUID-kNzD5Y2alLi_-ABujNzsr6zsbB1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_-2y4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Z2ZkIfbNgGVxADpBAsi3Giz-31A%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1700261
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q63VXPtRhXBlf6gDCdxBwZzdS4ZXHqFTSbeMoPj1JuWefXlrgFEE%2F6wLg6I3Yir%2Ba5njeo%2Fi4g7cG6LG7vKVsohRqHGEB%2BARmR2dwTvK9y1H3Gco8HLRd%2B1GACLFuz6ktMRGpbHfpFA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 82f74aec09a33835-FRA
expires: Sun, 03 Dec 2023 23:19:04 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame CEE3 7 KB
7 KB 67ms
52ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1&c=320&d=50&e=&g=ad1936446b47467edb51da9d44b221dc%2F9948689235261172637&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0tqkx66gqpsjbdnxx88tv2wawpf6tr73xvh7181gazqmbmp1er7k11qh9tbnqkpym8anh801f18x06rr7vsgge5gqhdjwm0racg5604jgkng66ssd0d39fvz9k2xf5jkwbp9rhjx50emfpr17eqhxzbd65v9b0tnmnthhjjny05megkc6jsj0tmha72hajpyqb5d16syjwpdra8qqz8s0gfnzqg4dp59anarxa48a1j5sbf5ragx85y2649zej8rwrjxjvhaapsrehpq10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtJOfZ7trZbvSFbmFtOUP_9q-8A6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoEzwFP0Kn1KsQba6GbyGswhTtBH1M8ewlYn5cUJJCaHkpbxSjBY5L0NuaBCShRDJ3Qu1BjF-ZRQxMvsCjtpf11wDvLTG9orNWlGmb3fpOUQKaatiM4twkFmNA391e9jsZ7j1QyiqyhQM5U3TRZrTreQ9dJ7dyBQRe0WteO5tXvxcn2zxLpkFKbM8vAQucVl4D4I5YS95pn26fpQffPS64g5O96E1Z3eOEtp77yZF8YsPdxcyRERFsz9Yl1uQhQQ1HPBDzCpvUID-kNzD5Y2alLi_-ABujNzsr6zsbB1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_-2y4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Z2ZkIfbNgGVxADpBAsi3Giz-31A%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 423279
cf-polished: qual=85, origFmt=jpeg, origSize=8714
alt-svc: h3=":443"; ma=86400
content-length: 6672
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 08:50:26 GMT
server: cloudflare
etag: "52953af169f970e1ac17ba40d8c26548"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5g76gTxLSwcMouGn%2BzJF0iRr4ph35e2pdgg8D%2FdDITwMy8CEYehd5E3aRleCAfEmfPb5vgJ84bG5w1OmR3A7oxOugpjyJllBWnAWAlEGxwDLFfbek1OsDw1XF%2F9lQYFwhlHMfOvQ25cAgLY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aec283d9a3f-FRA

GET
H2 200 E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame CEE3 31 KB
32 KB 105ms
89ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1&c=320&d=50&e=&g=ad1936446b47467edb51da9d44b221dc%2F9948689235261172637&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0tqkx66gqpsjbdnxx88tv2wawpf6tr73xvh7181gazqmbmp1er7k11qh9tbnqkpym8anh801f18x06rr7vsgge5gqhdjwm0racg5604jgkng66ssd0d39fvz9k2xf5jkwbp9rhjx50emfpr17eqhxzbd65v9b0tnmnthhjjny05megkc6jsj0tmha72hajpyqb5d16syjwpdra8qqz8s0gfnzqg4dp59anarxa48a1j5sbf5ragx85y2649zej8rwrjxjvhaapsrehpq10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtJOfZ7trZbvSFbmFtOUP_9q-8A6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoEzwFP0Kn1KsQba6GbyGswhTtBH1M8ewlYn5cUJJCaHkpbxSjBY5L0NuaBCShRDJ3Qu1BjF-ZRQxMvsCjtpf11wDvLTG9orNWlGmb3fpOUQKaatiM4twkFmNA391e9jsZ7j1QyiqyhQM5U3TRZrTreQ9dJ7dyBQRe0WteO5tXvxcn2zxLpkFKbM8vAQucVl4D4I5YS95pn26fpQffPS64g5O96E1Z3eOEtp77yZF8YsPdxcyRERFsz9Yl1uQhQQ1HPBDzCpvUID-kNzD5Y2alLi_-ABujNzsr6zsbB1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_-2y4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Z2ZkIfbNgGVxADpBAsi3Giz-31A%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d9b0e771bf0255ccf5583a85b215c674e866614409b9c5f10c0e8264d1687b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 249741
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 31793
cf-bgj: imgq:85,h2pri
last-modified: Thu, 23 Nov 2023 07:48:34 GMT
server: cloudflare
etag: "ac24017e395215a412b39d1cdc9c2ad5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhMu0hzNMGSpk7jX%2BQE7jQtcVwbK1Lz6623bPm%2B3bc43299UdCf883VkbUyt85Lpjy5ZMjGOky4FB1Bxlzl2Uxcl0J56cs1itcQyIx%2FdU0MehW1HCD6VEHGAVLbFw%2ByjtKnc%2BCUrIeQG1wkr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aec28449a3f-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame CEE3
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidJBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1701559144_2f34d810-9169-11ee-ba35-226154e726d7&insert=AW&&gdpr=0&gdpr_consent=

0
492 B

129ms
54ms

Image
text/html

2606:4700::6810:c0cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1701559144_2f34d810-9169-11ee-ba35-226154e726d7&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1&c=320&d=50&e=&g=ad1936446b47467edb51da9d44b221dc%2F9948689235261172637&i=21596&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0tqkx66gqpsjbdnxx88tv2wawpf6tr73xvh7181gazqmbmp1er7k11qh9tbnqkpym8anh801f18x06rr7vsgge5gqhdjwm0racg5604jgkng66ssd0d39fvz9k2xf5jkwbp9rhjx50emfpr17eqhxzbd65v9b0tnmnthhjjny05megkc6jsj0tmha72hajpyqb5d16syjwpdra8qqz8s0gfnzqg4dp59anarxa48a1j5sbf5ragx85y2649zej8rwrjxjvhaapsrehpq10%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtJOfZ7trZbvSFbmFtOUP_9q-8A6Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoEzwFP0Kn1KsQba6GbyGswhTtBH1M8ewlYn5cUJJCaHkpbxSjBY5L0NuaBCShRDJ3Qu1BjF-ZRQxMvsCjtpf11wDvLTG9orNWlGmb3fpOUQKaatiM4twkFmNA391e9jsZ7j1QyiqyhQM5U3TRZrTreQ9dJ7dyBQRe0WteO5tXvxcn2zxLpkFKbM8vAQucVl4D4I5YS95pn26fpQffPS64g5O96E1Z3eOEtp77yZF8YsPdxcyRERFsz9Yl1uQhQQ1HPBDzCpvUID-kNzD5Y2alLi_-ABujNzsr6zsbB1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_-2y4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3Z2ZkIfbNgGVxADpBAsi3Giz-31A%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 82f74aedc9e99207-FRA
content-length: 0
expires: -1

Redirect headers

Date: Sat, 02 Dec 2023 23:19:04 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1701559144_2f34d810-9169-11ee-ba35-226154e726d7&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 9287 115 KB
14 KB 50ms
50ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C59372%2C177100&b=r2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1p%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2Cm3AsefGfWYXGSmHZHZtztkDerhKSwTX8AfbJ&f=PxefBfbfbjWET9HjHbtgCPPxuJS9TPM7FjP%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C7QZTqfzfjA53urHXHgtECB6RZT4S1Tr9ZuE9&c=800&d=250&e=&g=f56c69a5db7ae8e11c249c9e42674a3e%2F3085461200531240674&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g4f2p3z7x9pc6fvfetcvvxyqgf7gkpzfyt22cca8tt8wy5svga5vsjfv65pd2dbb492jaemkqnhqapa87qmesym75dtpgx5t7fm38h6jwd329mxrj0fqk6c8gfq549edfdg1pdhb878r4m1v1w9f2jh6ft3j5myw87cfnat86583pnhmvsywhbh6cehzzg4ez11zxpt5bt6c55eg4g13c4k30k095rv2tntp897b4ncc2x8ycz9r76cs8dh8b8ndn847cbxjtca2baf6h90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=192347%2C59372%2C177100&b=r2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1p%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2Cm3AsefGfWYXGSmHZHZtztkDerhKSwTX8AfbJ&f=PxefBfbfbjWET9HjHbtgCPPxuJS9TPM7FjP%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C7QZTqfzfjA53urHXHgtECB6RZT4S1Tr9ZuE9&c=800&d=250&e=&g=f56c69a5db7ae8e11c249c9e42674a3e%2F3085461200531240674&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g4f2p3z7x9pc6fvfetcvvxyqgf7gkpzfyt22cca8tt8wy5svga5vsjfv65pd2dbb492jaemkqnhqapa87qmesym75dtpgx5t7fm38h6jwd329mxrj0fqk6c8gfq549edfdg1pdhb878r4m1v1w9f2jh6ft3j5myw87cfnat86583pnhmvsywhbh6cehzzg4ez11zxpt5bt6c55eg4g13c4k30k095rv2tntp897b4ncc2x8ycz9r76cs8dh8b8ndn847cbxjtca2baf6h90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1700261
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8Jja8j7917xuxvwcXPL5LYlSjn7dZNp85PeWU9oHvR%2Bs1yoR1Mo14L1TmsmqU9NYRRhi84tPjygR8h3lE0haUBHi4%2F5CwzQkv2zm%2Bvw4JzttqyqwUvUahNA%2Fk7kh%2BYr2%2FZKzR1wk98%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 82f74aec19b13835-FRA
expires: Sun, 03 Dec 2023 23:19:04 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 9287 8 KB
8 KB 69ms
56ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C59372%2C177100&b=r2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1p%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2Cm3AsefGfWYXGSmHZHZtztkDerhKSwTX8AfbJ&f=PxefBfbfbjWET9HjHbtgCPPxuJS9TPM7FjP%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C7QZTqfzfjA53urHXHgtECB6RZT4S1Tr9ZuE9&c=800&d=250&e=&g=f56c69a5db7ae8e11c249c9e42674a3e%2F3085461200531240674&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g4f2p3z7x9pc6fvfetcvvxyqgf7gkpzfyt22cca8tt8wy5svga5vsjfv65pd2dbb492jaemkqnhqapa87qmesym75dtpgx5t7fm38h6jwd329mxrj0fqk6c8gfq549edfdg1pdhb878r4m1v1w9f2jh6ft3j5myw87cfnat86583pnhmvsywhbh6cehzzg4ez11zxpt5bt6c55eg4g13c4k30k095rv2tntp897b4ncc2x8ycz9r76cs8dh8b8ndn847cbxjtca2baf6h90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61541
cf-polished: qual=85, origFmt=jpeg, origSize=12951
alt-svc: h3=":443"; ma=86400
content-length: 7758
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Oct 2023 22:22:01 GMT
server: cloudflare
etag: "12e3523b35b31c7ddfe7c77dcdb14a34"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bG882sLSj1CaBQirCPKSPW7hcBjNGDtHoaZALCIfdUa%2FhksvUaSp1ls6nZcoQiAkbfKFNGu5TevvriFlFP82v5Ihom%2BvptzsRQL1sh7QGTK5rfcu8vaaIP35aNREYvXMveJCrO9UgodRlYi%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aec28419a3f-FRA

GET
H2 200 0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame 9287 20 KB
21 KB 72ms
59ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C59372%2C177100&b=r2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1p%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2Cm3AsefGfWYXGSmHZHZtztkDerhKSwTX8AfbJ&f=PxefBfbfbjWET9HjHbtgCPPxuJS9TPM7FjP%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C7QZTqfzfjA53urHXHgtECB6RZT4S1Tr9ZuE9&c=800&d=250&e=&g=f56c69a5db7ae8e11c249c9e42674a3e%2F3085461200531240674&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g4f2p3z7x9pc6fvfetcvvxyqgf7gkpzfyt22cca8tt8wy5svga5vsjfv65pd2dbb492jaemkqnhqapa87qmesym75dtpgx5t7fm38h6jwd329mxrj0fqk6c8gfq549edfdg1pdhb878r4m1v1w9f2jh6ft3j5myw87cfnat86583pnhmvsywhbh6cehzzg4ez11zxpt5bt6c55eg4g13c4k30k095rv2tntp897b4ncc2x8ycz9r76cs8dh8b8ndn847cbxjtca2baf6h90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dc4eae4be6a462c97268c1238442d36dd78708a5b3ed989a4943b185854c465

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 323804
cf-polished: qual=85, origFmt=jpeg, origSize=29026
alt-svc: h3=":443"; ma=86400
content-length: 20740
cf-bgj: imgq:85,h2pri
last-modified: Sat, 21 Oct 2023 21:22:49 GMT
server: cloudflare
etag: "9e8c0f685f08676e3b6bec8849b76e69"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHPmda6C0ZGdarTvYrghmhqGd2u7Ls7MtLz8vNLJf%2FmbSesYukAkUhZE4SD87V6dHaafwv%2BxzlyCfuM7%2BXgPz021ZYCdjljjRBAi7N8CLGHC3hw6vnaXfvBghbl%2Fs%2FKE89siSXdeb13NSkDU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aec28489a3f-FRA

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 9287
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPG4-eLx8YIDFVH0EQgdPjYOug;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneidr2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1poneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneidr2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1poneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023120300190490984991077X117703V1226132702MSviewoneidr2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1poneid__suite_...

49 B
1 KB

166ms
63ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023120300190490984991077X117703V1226132702MSviewoneidr2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1poneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&cons=0&spid=2023120300190490984991077X117703V1226132702MSviewoneidr2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1poneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C59372%2C177100&b=r2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1p%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2Cm3AsefGfWYXGSmHZHZtztkDerhKSwTX8AfbJ&f=PxefBfbfbjWET9HjHbtgCPPxuJS9TPM7FjP%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C7QZTqfzfjA53urHXHgtECB6RZT4S1Tr9ZuE9&c=800&d=250&e=&g=f56c69a5db7ae8e11c249c9e42674a3e%2F3085461200531240674&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g4f2p3z7x9pc6fvfetcvvxyqgf7gkpzfyt22cca8tt8wy5svga5vsjfv65pd2dbb492jaemkqnhqapa87qmesym75dtpgx5t7fm38h6jwd329mxrj0fqk6c8gfq549edfdg1pdhb878r4m1v1w9f2jh6ft3j5myw87cfnat86583pnhmvsywhbh6cehzzg4ez11zxpt5bt6c55eg4g13c4k30k095rv2tntp897b4ncc2x8ycz9r76cs8dh8b8ndn847cbxjtca2baf6h90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 23:19:04 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023120300190490984991077X117703V1226132702MSviewoneidr2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1poneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&cons=0&spid=2023120300190490984991077X117703V1226132702MSviewoneidr2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1poneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&wfid=117703&partnerid=12218
date: Sat, 02 Dec 2023 23:19:04 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 9287 9 KB
9 KB 59ms
50ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C59372%2C177100&b=r2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1p%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2Cm3AsefGfWYXGSmHZHZtztkDerhKSwTX8AfbJ&f=PxefBfbfbjWET9HjHbtgCPPxuJS9TPM7FjP%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C7QZTqfzfjA53urHXHgtECB6RZT4S1Tr9ZuE9&c=800&d=250&e=&g=f56c69a5db7ae8e11c249c9e42674a3e%2F3085461200531240674&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g4f2p3z7x9pc6fvfetcvvxyqgf7gkpzfyt22cca8tt8wy5svga5vsjfv65pd2dbb492jaemkqnhqapa87qmesym75dtpgx5t7fm38h6jwd329mxrj0fqk6c8gfq549edfdg1pdhb878r4m1v1w9f2jh6ft3j5myw87cfnat86583pnhmvsywhbh6cehzzg4ez11zxpt5bt6c55eg4g13c4k30k095rv2tntp897b4ncc2x8ycz9r76cs8dh8b8ndn847cbxjtca2baf6h90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 163907
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMVQGeL1Ers46Te9SefqMqXMFEeRuKn8elm23Hh%2BHeDV39X3ZQ7pikuyZLbw5FKO%2B6yGu%2FQXYBfkJUMvh2AXYsysj2BW66TjgoWgnTt8ycjs0yhvAridhXXePGDIga6pFqTKZzLEcSQbutFG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aec28379a3f-FRA

GET
H2 200 279BCE6B9568D9AE2B8C70E08B2EFB9090E70FAF0A57016F1FF1164C3FD10E76FA99D7B60FDBA51FCD5C0021F8A6AF19B45972E81F9CF2D592514708334D146B
assets.ad4m.at/ Frame 9287 22 KB
22 KB 62ms
53ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/279BCE6B9568D9AE2B8C70E08B2EFB9090E70FAF0A57016F1FF1164C3FD10E76FA99D7B60FDBA51FCD5C0021F8A6AF19B45972E81F9CF2D592514708334D146B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C59372%2C177100&b=r2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1p%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2Cm3AsefGfWYXGSmHZHZtztkDerhKSwTX8AfbJ&f=PxefBfbfbjWET9HjHbtgCPPxuJS9TPM7FjP%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C7QZTqfzfjA53urHXHgtECB6RZT4S1Tr9ZuE9&c=800&d=250&e=&g=f56c69a5db7ae8e11c249c9e42674a3e%2F3085461200531240674&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g4f2p3z7x9pc6fvfetcvvxyqgf7gkpzfyt22cca8tt8wy5svga5vsjfv65pd2dbb492jaemkqnhqapa87qmesym75dtpgx5t7fm38h6jwd329mxrj0fqk6c8gfq549edfdg1pdhb878r4m1v1w9f2jh6ft3j5myw87cfnat86583pnhmvsywhbh6cehzzg4ez11zxpt5bt6c55eg4g13c4k30k095rv2tntp897b4ncc2x8ycz9r76cs8dh8b8ndn847cbxjtca2baf6h90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45941cddb32c44e5eff43b00a2f5ead40b9d0e6323ae161a40c426bc8c500f71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1961424
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 22596
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:47 GMT
server: cloudflare
etag: "80c578a48f16f48e135bcb3d2ea2c9e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvtUPYY6z1Os5WjjUBAQEAaxM5y75lINC6rPlquOUf39YjNO8EHi%2Br098jIZ4Njd8eK8HGYBf%2BzETOkjDyDAmXoi6bgW%2BSLOb%2BlROnqed9rjH9etz4TPvwOECKO4hocnuRFDe7UmkUxieAyA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aec283b9a3f-FRA

GET
H2

200

view.aspx
pb.media01.eu/ Frame 9287
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b777481d90b61d111f?t=htlp&subid=oneid13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9boneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9boneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&actionid=45665...

0
200 B

161ms
61ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9boneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&actionid=456654&produktid=Freshmoney&dt_url=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C59372%2C177100&b=r2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1p%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2Cm3AsefGfWYXGSmHZHZtztkDerhKSwTX8AfbJ&f=PxefBfbfbjWET9HjHbtgCPPxuJS9TPM7FjP%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C7QZTqfzfjA53urHXHgtECB6RZT4S1Tr9ZuE9&c=800&d=250&e=&g=f56c69a5db7ae8e11c249c9e42674a3e%2F3085461200531240674&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g4f2p3z7x9pc6fvfetcvvxyqgf7gkpzfyt22cca8tt8wy5svga5vsjfv65pd2dbb492jaemkqnhqapa87qmesym75dtpgx5t7fm38h6jwd329mxrj0fqk6c8gfq549edfdg1pdhb878r4m1v1w9f2jh6ft3j5myw87cfnat86583pnhmvsywhbh6cehzzg4ez11zxpt5bt6c55eg4g13c4k30k095rv2tntp897b4ncc2x8ycz9r76cs8dh8b8ndn847cbxjtca2baf6h90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 03 Dec 2023 12:19:04 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sat, 02 Dec 2023 23:19:04 GMT
strict-transport-security: max-age=15768000
x-iplb-instance: 53758
content-length: 0
proxy-host: pv.medialead.de
attribution-reporting-register-source: {"source_event_id":"17200573720105030","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: 50FF076C:DE0E_91EFC182:01BB_656BBB68_62FC0C4:41F0
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9boneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&actionid=456654&produktid=Freshmoney&dt_url=
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20

GET
H2 200 63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
assets.ad4m.at/logo/ Frame 9287 7 KB
7 KB 97ms
89ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C59372%2C177100&b=r2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1p%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2Cm3AsefGfWYXGSmHZHZtztkDerhKSwTX8AfbJ&f=PxefBfbfbjWET9HjHbtgCPPxuJS9TPM7FjP%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C7QZTqfzfjA53urHXHgtECB6RZT4S1Tr9ZuE9&c=800&d=250&e=&g=f56c69a5db7ae8e11c249c9e42674a3e%2F3085461200531240674&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g4f2p3z7x9pc6fvfetcvvxyqgf7gkpzfyt22cca8tt8wy5svga5vsjfv65pd2dbb492jaemkqnhqapa87qmesym75dtpgx5t7fm38h6jwd329mxrj0fqk6c8gfq549edfdg1pdhb878r4m1v1w9f2jh6ft3j5myw87cfnat86583pnhmvsywhbh6cehzzg4ez11zxpt5bt6c55eg4g13c4k30k095rv2tntp897b4ncc2x8ycz9r76cs8dh8b8ndn847cbxjtca2baf6h90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae76bf0f1303ef22d7c91394fb6ee412d36cbb49161c26c924f5cf158a0205d6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65459
cf-polished: origFmt=png, origSize=7127
alt-svc: h3=":443"; ma=86400
content-length: 7126
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Nov 2023 21:32:44 GMT
server: cloudflare
etag: "b9e52fa1ea3c4571e05cf17e1bbfc97c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDyUUUsn6PbP3Sz7%2F12J3KYfnH4ZRklUBiF%2Fua20fqyZxBafkrdhWDIjAPoqWBrDqbA8IS3RbvKB8s4NDLjGaxLzteY2cByj3SPqLh66aJrVUPq6ljlxxIPyOsyka9d5VSeD4hgM6wZLjGH0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aec283f9a3f-FRA

GET
H2 200 A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
assets.ad4m.at/product_image/ Frame 9287 29 KB
29 KB 106ms
98ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C59372%2C177100&b=r2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1p%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2Cm3AsefGfWYXGSmHZHZtztkDerhKSwTX8AfbJ&f=PxefBfbfbjWET9HjHbtgCPPxuJS9TPM7FjP%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C7QZTqfzfjA53urHXHgtECB6RZT4S1Tr9ZuE9&c=800&d=250&e=&g=f56c69a5db7ae8e11c249c9e42674a3e%2F3085461200531240674&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g4f2p3z7x9pc6fvfetcvvxyqgf7gkpzfyt22cca8tt8wy5svga5vsjfv65pd2dbb492jaemkqnhqapa87qmesym75dtpgx5t7fm38h6jwd329mxrj0fqk6c8gfq549edfdg1pdhb878r4m1v1w9f2jh6ft3j5myw87cfnat86583pnhmvsywhbh6cehzzg4ez11zxpt5bt6c55eg4g13c4k30k095rv2tntp897b4ncc2x8ycz9r76cs8dh8b8ndn847cbxjtca2baf6h90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 289f9ccf132c68bc46deb5dc95679ebb4bf1c7ed257523524aa8f9d0a332b4d5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 405256
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 29684
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:11:35 GMT
server: cloudflare
etag: "4dc30f0d27c48b618a5a39c03513649d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWNdONEGz6vEyIxOol3bgAQbSoAQmC4YfJDbacRwYjUbDGIDDfVbaPlYyCgV5QzbvPyxUY8BW3jeCeRZXjB3zDsz8z1fyFdCtUfIYMZ468kfiB7coA3W1cfjRr0jCD8Q4piuYUiO1CgR0UYo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aec68699a3f-FRA

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame ECE0 115 KB
14 KB 84ms
84ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C15579&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2Cprmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2CJBeszf5fx45tBH6H7tqCQBGCxSgTbWguA8&c=120&d=600&e=&g=645b64a49109ca8b54309822e224628a%2F9283818897659249592&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7zkrhh1syec0a00ww6e3hqeqd5pkc9a3tphd751qkvba1jqz8500ecsmh3fmj68rqmex9mftxt8pan8gjet18rd17j1652eppw1qj77p19sfb3805b8y4bb9ftws9vwsesj76yzjkdcwpfgda4y1q4x8kxz0am2hev71k8apy3dkyjx5jmv51zd5cmrkqjwth2g37vax147v4hk3bx5ws0razk16f18v0728965tmp5pfj2qtv8gzeh9jdk372cfeerhnq49k7p4xk45vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCazicZ7trZbr4EpzrtOUPgMiDyAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0FW3D9xM-s2Ct5zI_h4wP8scXjHjDQcF1KpNXW9UwQ7sh2bSPgpmyY608ZURwbDnxOYzBSb8eXsy-3BOJMuCeAJij7BRpR73heug7jVtt8gsvXEiXg0CyGeWVJ5trixyZl5LMjQsTYJxKmcuaz4g9irbuJY-IWg9gpX7RQw5dOP6Dp1s1xgX_nWfqfV_lFEqRV4pDYIRc1_BPSsysRMVRa6n5UU4HlPJWo8n2l8EUrUy-9Sn6K_CU0AWIBAny3qJww4wjlqUI-o0w80lur9RgAap58eU-_CJh88BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKScsOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1coacMCw2vZGHB88j-gK1ccKzFig%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C15579&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2Cprmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2CJBeszf5fx45tBH6H7tqCQBGCxSgTbWguA8&c=120&d=600&e=&g=645b64a49109ca8b54309822e224628a%2F9283818897659249592&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7zkrhh1syec0a00ww6e3hqeqd5pkc9a3tphd751qkvba1jqz8500ecsmh3fmj68rqmex9mftxt8pan8gjet18rd17j1652eppw1qj77p19sfb3805b8y4bb9ftws9vwsesj76yzjkdcwpfgda4y1q4x8kxz0am2hev71k8apy3dkyjx5jmv51zd5cmrkqjwth2g37vax147v4hk3bx5ws0razk16f18v0728965tmp5pfj2qtv8gzeh9jdk372cfeerhnq49k7p4xk45vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCazicZ7trZbr4EpzrtOUPgMiDyAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0FW3D9xM-s2Ct5zI_h4wP8scXjHjDQcF1KpNXW9UwQ7sh2bSPgpmyY608ZURwbDnxOYzBSb8eXsy-3BOJMuCeAJij7BRpR73heug7jVtt8gsvXEiXg0CyGeWVJ5trixyZl5LMjQsTYJxKmcuaz4g9irbuJY-IWg9gpX7RQw5dOP6Dp1s1xgX_nWfqfV_lFEqRV4pDYIRc1_BPSsysRMVRa6n5UU4HlPJWo8n2l8EUrUy-9Sn6K_CU0AWIBAny3qJww4wjlqUI-o0w80lur9RgAap58eU-_CJh88BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKScsOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1coacMCw2vZGHB88j-gK1ccKzFig%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1700261
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3vzqJxg1TXUaqqmigVWu4FMhl8brp3Lz787rdxMFeXGKToOAZ48qu6TFjKV%2F0OTwY3Wi8PhISOX13az5O38wFAxCKrwM1640PoOVRczteLz6iVo8v7Pltij4IefB3HYLuVbnxiPV6k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 82f74aec19b53835-FRA
expires: Sun, 03 Dec 2023 23:19:04 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame ECE0 7 KB
7 KB 104ms
93ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C15579&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2Cprmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2CJBeszf5fx45tBH6H7tqCQBGCxSgTbWguA8&c=120&d=600&e=&g=645b64a49109ca8b54309822e224628a%2F9283818897659249592&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7zkrhh1syec0a00ww6e3hqeqd5pkc9a3tphd751qkvba1jqz8500ecsmh3fmj68rqmex9mftxt8pan8gjet18rd17j1652eppw1qj77p19sfb3805b8y4bb9ftws9vwsesj76yzjkdcwpfgda4y1q4x8kxz0am2hev71k8apy3dkyjx5jmv51zd5cmrkqjwth2g37vax147v4hk3bx5ws0razk16f18v0728965tmp5pfj2qtv8gzeh9jdk372cfeerhnq49k7p4xk45vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCazicZ7trZbr4EpzrtOUPgMiDyAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0FW3D9xM-s2Ct5zI_h4wP8scXjHjDQcF1KpNXW9UwQ7sh2bSPgpmyY608ZURwbDnxOYzBSb8eXsy-3BOJMuCeAJij7BRpR73heug7jVtt8gsvXEiXg0CyGeWVJ5trixyZl5LMjQsTYJxKmcuaz4g9irbuJY-IWg9gpX7RQw5dOP6Dp1s1xgX_nWfqfV_lFEqRV4pDYIRc1_BPSsysRMVRa6n5UU4HlPJWo8n2l8EUrUy-9Sn6K_CU0AWIBAny3qJww4wjlqUI-o0w80lur9RgAap58eU-_CJh88BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKScsOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1coacMCw2vZGHB88j-gK1ccKzFig%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 423279
cf-polished: qual=85, origFmt=jpeg, origSize=8714
alt-svc: h3=":443"; ma=86400
content-length: 6672
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 08:50:26 GMT
server: cloudflare
etag: "52953af169f970e1ac17ba40d8c26548"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcTYHD55jzoA49d3RPBjW05OLROkKv%2FHhMxjyLC7pmXLgQXLLo2sonnd21usV513doEc3I7TKx944%2BiJnDHFj5fxyiYNpiHmt0Fzg0xaU7Zrv6GShG%2Ft1G4GOC6aZsmxzrs4wxJvYeq8YLGH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aec68679a3f-FRA

GET
H2 200 E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame ECE0 31 KB
31 KB 104ms
93ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C15579&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2Cprmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2CJBeszf5fx45tBH6H7tqCQBGCxSgTbWguA8&c=120&d=600&e=&g=645b64a49109ca8b54309822e224628a%2F9283818897659249592&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7zkrhh1syec0a00ww6e3hqeqd5pkc9a3tphd751qkvba1jqz8500ecsmh3fmj68rqmex9mftxt8pan8gjet18rd17j1652eppw1qj77p19sfb3805b8y4bb9ftws9vwsesj76yzjkdcwpfgda4y1q4x8kxz0am2hev71k8apy3dkyjx5jmv51zd5cmrkqjwth2g37vax147v4hk3bx5ws0razk16f18v0728965tmp5pfj2qtv8gzeh9jdk372cfeerhnq49k7p4xk45vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCazicZ7trZbr4EpzrtOUPgMiDyAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0FW3D9xM-s2Ct5zI_h4wP8scXjHjDQcF1KpNXW9UwQ7sh2bSPgpmyY608ZURwbDnxOYzBSb8eXsy-3BOJMuCeAJij7BRpR73heug7jVtt8gsvXEiXg0CyGeWVJ5trixyZl5LMjQsTYJxKmcuaz4g9irbuJY-IWg9gpX7RQw5dOP6Dp1s1xgX_nWfqfV_lFEqRV4pDYIRc1_BPSsysRMVRa6n5UU4HlPJWo8n2l8EUrUy-9Sn6K_CU0AWIBAny3qJww4wjlqUI-o0w80lur9RgAap58eU-_CJh88BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKScsOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1coacMCw2vZGHB88j-gK1ccKzFig%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d9b0e771bf0255ccf5583a85b215c674e866614409b9c5f10c0e8264d1687b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 249741
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 31793
cf-bgj: imgq:85,h2pri
last-modified: Thu, 23 Nov 2023 07:48:34 GMT
server: cloudflare
etag: "ac24017e395215a412b39d1cdc9c2ad5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMJ7iEpkr1xf%2FKK%2F3n%2FYUe0aqe9wZ7taG%2BabJu8lifX6hAoN%2FUcgJ2W6Xcz0KUa8Su9YNTnOBwR27YTkdx1ONjclDu7NnyIYxP5vvBw1XNiZG5HrU8Zm3dYziy8BRfsroN9GsCJQfsFp3Aih"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aec283a9a3f-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame ECE0
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidJBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1701559144_2f339f90-9169-11ee-ba35-226154e726d7&insert=AW&&gdpr=0&gdpr_consent=

0
312 B

155ms
58ms

Image
text/html

2606:4700::6810:c0cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1701559144_2f339f90-9169-11ee-ba35-226154e726d7&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C15579&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2Cprmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2CJBeszf5fx45tBH6H7tqCQBGCxSgTbWguA8&c=120&d=600&e=&g=645b64a49109ca8b54309822e224628a%2F9283818897659249592&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7zkrhh1syec0a00ww6e3hqeqd5pkc9a3tphd751qkvba1jqz8500ecsmh3fmj68rqmex9mftxt8pan8gjet18rd17j1652eppw1qj77p19sfb3805b8y4bb9ftws9vwsesj76yzjkdcwpfgda4y1q4x8kxz0am2hev71k8apy3dkyjx5jmv51zd5cmrkqjwth2g37vax147v4hk3bx5ws0razk16f18v0728965tmp5pfj2qtv8gzeh9jdk372cfeerhnq49k7p4xk45vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCazicZ7trZbr4EpzrtOUPgMiDyAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0FW3D9xM-s2Ct5zI_h4wP8scXjHjDQcF1KpNXW9UwQ7sh2bSPgpmyY608ZURwbDnxOYzBSb8eXsy-3BOJMuCeAJij7BRpR73heug7jVtt8gsvXEiXg0CyGeWVJ5trixyZl5LMjQsTYJxKmcuaz4g9irbuJY-IWg9gpX7RQw5dOP6Dp1s1xgX_nWfqfV_lFEqRV4pDYIRc1_BPSsysRMVRa6n5UU4HlPJWo8n2l8EUrUy-9Sn6K_CU0AWIBAny3qJww4wjlqUI-o0w80lur9RgAap58eU-_CJh88BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKScsOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1coacMCw2vZGHB88j-gK1ccKzFig%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 82f74aedc9e89207-FRA
content-length: 0
expires: -1

Redirect headers

Date: Sat, 02 Dec 2023 23:19:04 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1701559144_2f339f90-9169-11ee-ba35-226154e726d7&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame ECE0 8 KB
8 KB 59ms
56ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C15579&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2Cprmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2CJBeszf5fx45tBH6H7tqCQBGCxSgTbWguA8&c=120&d=600&e=&g=645b64a49109ca8b54309822e224628a%2F9283818897659249592&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7zkrhh1syec0a00ww6e3hqeqd5pkc9a3tphd751qkvba1jqz8500ecsmh3fmj68rqmex9mftxt8pan8gjet18rd17j1652eppw1qj77p19sfb3805b8y4bb9ftws9vwsesj76yzjkdcwpfgda4y1q4x8kxz0am2hev71k8apy3dkyjx5jmv51zd5cmrkqjwth2g37vax147v4hk3bx5ws0razk16f18v0728965tmp5pfj2qtv8gzeh9jdk372cfeerhnq49k7p4xk45vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCazicZ7trZbr4EpzrtOUPgMiDyAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0FW3D9xM-s2Ct5zI_h4wP8scXjHjDQcF1KpNXW9UwQ7sh2bSPgpmyY608ZURwbDnxOYzBSb8eXsy-3BOJMuCeAJij7BRpR73heug7jVtt8gsvXEiXg0CyGeWVJ5trixyZl5LMjQsTYJxKmcuaz4g9irbuJY-IWg9gpX7RQw5dOP6Dp1s1xgX_nWfqfV_lFEqRV4pDYIRc1_BPSsysRMVRa6n5UU4HlPJWo8n2l8EUrUy-9Sn6K_CU0AWIBAny3qJww4wjlqUI-o0w80lur9RgAap58eU-_CJh88BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKScsOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1coacMCw2vZGHB88j-gK1ccKzFig%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61541
cf-polished: qual=85, origFmt=jpeg, origSize=12951
alt-svc: h3=":443"; ma=86400
content-length: 7758
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Oct 2023 22:22:01 GMT
server: cloudflare
etag: "12e3523b35b31c7ddfe7c77dcdb14a34"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yb7VYgUipNKawCoItmeN2a6LDsSdRTF8fhaQJu8%2BUDktutEV684Jtzri0pvuJ5RUKT7VNZwvOzI5%2BT%2FeVQm69FezIw387hu7TMUUHC%2FQgjPv9PlUUWllWZn%2F7fixKnGyHZQv7EZmDChu%2B0Ht"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aec28409a3f-FRA

GET
H2 200 0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame ECE0 20 KB
21 KB 61ms
57ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C15579&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2Cprmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2CJBeszf5fx45tBH6H7tqCQBGCxSgTbWguA8&c=120&d=600&e=&g=645b64a49109ca8b54309822e224628a%2F9283818897659249592&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7zkrhh1syec0a00ww6e3hqeqd5pkc9a3tphd751qkvba1jqz8500ecsmh3fmj68rqmex9mftxt8pan8gjet18rd17j1652eppw1qj77p19sfb3805b8y4bb9ftws9vwsesj76yzjkdcwpfgda4y1q4x8kxz0am2hev71k8apy3dkyjx5jmv51zd5cmrkqjwth2g37vax147v4hk3bx5ws0razk16f18v0728965tmp5pfj2qtv8gzeh9jdk372cfeerhnq49k7p4xk45vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCazicZ7trZbr4EpzrtOUPgMiDyAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0FW3D9xM-s2Ct5zI_h4wP8scXjHjDQcF1KpNXW9UwQ7sh2bSPgpmyY608ZURwbDnxOYzBSb8eXsy-3BOJMuCeAJij7BRpR73heug7jVtt8gsvXEiXg0CyGeWVJ5trixyZl5LMjQsTYJxKmcuaz4g9irbuJY-IWg9gpX7RQw5dOP6Dp1s1xgX_nWfqfV_lFEqRV4pDYIRc1_BPSsysRMVRa6n5UU4HlPJWo8n2l8EUrUy-9Sn6K_CU0AWIBAny3qJww4wjlqUI-o0w80lur9RgAap58eU-_CJh88BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKScsOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1coacMCw2vZGHB88j-gK1ccKzFig%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dc4eae4be6a462c97268c1238442d36dd78708a5b3ed989a4943b185854c465

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 323804
cf-polished: qual=85, origFmt=jpeg, origSize=29026
alt-svc: h3=":443"; ma=86400
content-length: 20740
cf-bgj: imgq:85,h2pri
last-modified: Sat, 21 Oct 2023 21:22:49 GMT
server: cloudflare
etag: "9e8c0f685f08676e3b6bec8849b76e69"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mhpbya046m7pjxI5zFyMJVocMvv3zpUqPrGUNuL83NcSoCgtxCpnd%2FfJ6FPjNiJkhSbAvOuVEjgDDZoggANklX9GROnNbYb7aNgzUM8PtZ6nT9PtcrolYwEF7aGBqrbYIFXU4RpYGLel9RV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aec28499a3f-FRA

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame ECE0
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CIi7-eLx8YIDFQrsuwgdIroI_g;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023120300190490984991079X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202312...

49 B
1 KB

161ms
58ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023120300190490984991079X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023120300190490984991079X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C15579&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2Cprmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2CJBeszf5fx45tBH6H7tqCQBGCxSgTbWguA8&c=120&d=600&e=&g=645b64a49109ca8b54309822e224628a%2F9283818897659249592&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7zkrhh1syec0a00ww6e3hqeqd5pkc9a3tphd751qkvba1jqz8500ecsmh3fmj68rqmex9mftxt8pan8gjet18rd17j1652eppw1qj77p19sfb3805b8y4bb9ftws9vwsesj76yzjkdcwpfgda4y1q4x8kxz0am2hev71k8apy3dkyjx5jmv51zd5cmrkqjwth2g37vax147v4hk3bx5ws0razk16f18v0728965tmp5pfj2qtv8gzeh9jdk372cfeerhnq49k7p4xk45vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCazicZ7trZbr4EpzrtOUPgMiDyAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0FW3D9xM-s2Ct5zI_h4wP8scXjHjDQcF1KpNXW9UwQ7sh2bSPgpmyY608ZURwbDnxOYzBSb8eXsy-3BOJMuCeAJij7BRpR73heug7jVtt8gsvXEiXg0CyGeWVJ5trixyZl5LMjQsTYJxKmcuaz4g9irbuJY-IWg9gpX7RQw5dOP6Dp1s1xgX_nWfqfV_lFEqRV4pDYIRc1_BPSsysRMVRa6n5UU4HlPJWo8n2l8EUrUy-9Sn6K_CU0AWIBAny3qJww4wjlqUI-o0w80lur9RgAap58eU-_CJh88BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKScsOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1coacMCw2vZGHB88j-gK1ccKzFig%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 23:19:04 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023120300190490984991079X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023120300190490984991079X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
date: Sat, 02 Dec 2023 23:19:04 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame ECE0 9 KB
9 KB 97ms
93ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C15579&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2Cprmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2CJBeszf5fx45tBH6H7tqCQBGCxSgTbWguA8&c=120&d=600&e=&g=645b64a49109ca8b54309822e224628a%2F9283818897659249592&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7zkrhh1syec0a00ww6e3hqeqd5pkc9a3tphd751qkvba1jqz8500ecsmh3fmj68rqmex9mftxt8pan8gjet18rd17j1652eppw1qj77p19sfb3805b8y4bb9ftws9vwsesj76yzjkdcwpfgda4y1q4x8kxz0am2hev71k8apy3dkyjx5jmv51zd5cmrkqjwth2g37vax147v4hk3bx5ws0razk16f18v0728965tmp5pfj2qtv8gzeh9jdk372cfeerhnq49k7p4xk45vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCazicZ7trZbr4EpzrtOUPgMiDyAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0FW3D9xM-s2Ct5zI_h4wP8scXjHjDQcF1KpNXW9UwQ7sh2bSPgpmyY608ZURwbDnxOYzBSb8eXsy-3BOJMuCeAJij7BRpR73heug7jVtt8gsvXEiXg0CyGeWVJ5trixyZl5LMjQsTYJxKmcuaz4g9irbuJY-IWg9gpX7RQw5dOP6Dp1s1xgX_nWfqfV_lFEqRV4pDYIRc1_BPSsysRMVRa6n5UU4HlPJWo8n2l8EUrUy-9Sn6K_CU0AWIBAny3qJww4wjlqUI-o0w80lur9RgAap58eU-_CJh88BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKScsOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1coacMCw2vZGHB88j-gK1ccKzFig%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 163907
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKKbVYN7GeDRPw8uTSJIx1cW4igM85m4T%2FSwnVggDo3bxm3SHZ1i2NY6hpMRmu2m4FIjIgGJaZeaBRMsas4i7e7fIXz4Y246oCVYn4uVaremkNqvmEnuIQsesAQfrLcmvi2W4yyf8wFVpY0U"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aec68649a3f-FRA

GET
H2 200 60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
assets.ad4m.at/ Frame ECE0 28 KB
29 KB 100ms
97ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C195016%2C15579&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2Cprmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2CJBeszf5fx45tBH6H7tqCQBGCxSgTbWguA8&c=120&d=600&e=&g=645b64a49109ca8b54309822e224628a%2F9283818897659249592&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144192&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j7zkrhh1syec0a00ww6e3hqeqd5pkc9a3tphd751qkvba1jqz8500ecsmh3fmj68rqmex9mftxt8pan8gjet18rd17j1652eppw1qj77p19sfb3805b8y4bb9ftws9vwsesj76yzjkdcwpfgda4y1q4x8kxz0am2hev71k8apy3dkyjx5jmv51zd5cmrkqjwth2g37vax147v4hk3bx5ws0razk16f18v0728965tmp5pfj2qtv8gzeh9jdk372cfeerhnq49k7p4xk45vg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCazicZ7trZbr4EpzrtOUPgMiDyAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0FW3D9xM-s2Ct5zI_h4wP8scXjHjDQcF1KpNXW9UwQ7sh2bSPgpmyY608ZURwbDnxOYzBSb8eXsy-3BOJMuCeAJij7BRpR73heug7jVtt8gsvXEiXg0CyGeWVJ5trixyZl5LMjQsTYJxKmcuaz4g9irbuJY-IWg9gpX7RQw5dOP6Dp1s1xgX_nWfqfV_lFEqRV4pDYIRc1_BPSsysRMVRa6n5UU4HlPJWo8n2l8EUrUy-9Sn6K_CU0AWIBAny3qJww4wjlqUI-o0w80lur9RgAap58eU-_CJh88BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKScsOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1coacMCw2vZGHB88j-gK1ccKzFig%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0471f27843ee42d45cf9b749a57ec4bbc26dd40f961989ed7cfe4e0f24ea6fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 406482
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 28958
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:06:38 GMT
server: cloudflare
etag: "346e75cff96234b45fe664b527c7c88d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HM70Oy9aabuMRQsr%2FCX8MifCcnT%2Fd%2F59xJhVwIC%2FWAG6V4CkXZ%2BVEbr1pNIw8CUxLo98bVr4yKUgDtVasT4H3VSg0gI%2FX4WK3VaIUuf7m2S%2F8IV5VuhWNjjRZ7FkCQ837HLmS8P8Du1W0SMv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aec686a9a3f-FRA

GET
H2

200

view.aspx
pb.media01.eu/ Frame ECE0
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidprmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidprmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&actionid=879111...

0
630 B

139ms
60ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidprmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:03 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 03 Dec 2023 12:19:04 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sat, 02 Dec 2023 23:19:04 GMT
strict-transport-security: max-age=15768000
x-iplb-instance: 53349
content-length: 0
proxy-host: pv.medialead.de
attribution-reporting-register-source: {"source_event_id":"17200573720104426","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: 50FF076C:DE18_91EFC182:01BB_656BBB68_62A77A1:55DF
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidprmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&actionid=879111&produktid=ratenkredit&dt_url=
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8567 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20709
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:33:55 GMT
expires: Sun, 01 Dec 2024 17:33:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 92D5 829 B
560 B 49ms
49ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2dcc85e074327b712d3de9ef86b69b6ac677b320c439ad8187103aa08947f82a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KaqST_Jr1nSzCJ-ke2WcZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-KaqST_Jr1nSzCJ-ke2WcZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:04 GMT
expires: Sat, 02 Dec 2023 23:19:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0656 0
0 74ms
74ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=3392804194511494&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C74 39 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:12:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 22:12:38 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 869A 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsus8hqogyKPWah0dqR4upOZ_apiqpr7bO6-41hI9fI3Mm8xTxB7wJ9BNHvk7tu0pmzUT3oco4-WVkCEjs5OpyhWmMkmwL3Z0QSfgOMRRuryWcI1gMlEwwbEUkvbwIpg4KJIZAjpEsUxr_sOTfObKssrPsxM46Pn75RktHiHYzsMoiof3PR7ISb8GqGq6QAIdIgr9Fax0skCLJGgTnMmoyibkzZOQAKuScWkM-VKF2qv-SA4s3Qr_8p7wcOSX_X3xLpjwwnJmjnsaODKx1J4UiANke37xQrj08q-AeW0iy8rtD9l3oGvqaMMntamsVfvlAgPqi0qyAy9oyUfoKyFORvMPg_MmII3nCQAUZjIC9azgaas0gUdwZ8_bHq4bNvoDxK8RraDMQ&sai=AMfl-YQaNPhrjJSpKakFsr3fkDf1DiaIMpp4M0s3TLeAz6_eUKg0QTH4WB-LHegvKAqsptiYbHJN6jTS65Qdm73Sp4YvA_7y_VpmXA&sig=Cg0ArKJSzIZuLJFftPZHEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 23:19:04 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 869A 16 KB
12 KB 85ms
85ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82046094f443153b7d2d788d2aaa76821d8c35c683398ee42ea4d2c0616ac327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12267
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6EC6 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:12:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 22:12:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3B55 0
0 73ms
73ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=3717604420102411&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

POST
H3 200 rs Show response
ad4m.at/ Frame B05B 1 KB
2 KB 77ms
76ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bcb9deaed0b791befab08d76d2b459954895888a1c4bbe15d7d0ece5c5405d2

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOFEcgGalYuxQFRN1YJtYFXWXKjcR%2BXenT%2BX8eX5%2FLFz8X4dEyXh5kgPWZRTgj8Kl%2FquGvMabZeRE8np1omhhAewbba1bbnwtxV3ivNY5HqrObv0L3JBPJKRAPKlZV7Q0eCPF1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 82f74aecadbe1d94-FRA
x-backend-server: aa-reachservice-group-europe-west1-09x9
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 59ms
59ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82f74aec4d811d94-FRA
content-length: 24
content-type: text/plain
date: Sat, 02 Dec 2023 23:19:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jHdcVovYu4FeiPC8V1Vv6CVbb1iXhVYk34m8wGdT0RtBFKyHCFDJVpe5FBKRv3FdaD%2Fwr21V5zAFcAnTLDFgU3NFZ%2BOmbLWSCSNi0xYAY7VynckKbxd5E9nbqpvOBZ6gNEaWr0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-09x9

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 40A7 0
11 B 38ms
38ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IMlL0A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F0C4 17 KB
6 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 23:19:04 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 8567 39 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:12:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 22:12:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 92D5 0
0 73ms
73ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=69011117150141&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 link.html Show response
track.webgains.com/ Frame 9287 2 KB
2 KB 248ms
109ms Script
text/html 3.11.198.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&wgprogramid=278155&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hccca7bbdwrwcwpc2g71x8vfmdezk5zs2e79rvhv7jn8a6yark10zt4dcrq96m5cp2fj5cm39xvm44xfakrr6t8kt0dzddz604wqtv2vxfr8khfj7gnppmmxcx1q7mvmaw14ha4szj59aq74ebge58g900ze75jnx6pkwqc914r8psykaka1pn817f2p5hxcm2f1rn7wtwd1d3t7wm7hn5m1pz2b8edy35jj9pdwhpc66tck5qf3m1nbjy3gvsec9eg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4f2p3z7x9pc6fvfetcvvxyqgf7gkpzfyt22cca8tt8wy5svga5vsjfv65pd2dbb492jaemkqnhqapa87qmesym75dtpgx5t7fm38h6jwd329mxrj0fqk6c8gfq549edfdg1pdhb878r4m1v1w9f2jh6ft3j5myw87cfnat86583pnhmvsywhbh6cehzzg4ez11zxpt5bt6c55eg4g13c4k30k095rv2tntp897b4ncc2x8ycz9r76cs8dh8b8ndn847cbxjtca2baf6h90%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneid7QZTqfzfjA53urHXHgtECB6RZT4S1Tr9ZuE9oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&viewref=oneidm3AsefGfWYXGSmHZHZtztkDerhKSwTX8AfbJoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C59372%2C177100&b=r2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1p%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2Cm3AsefGfWYXGSmHZHZtztkDerhKSwTX8AfbJ&f=PxefBfbfbjWET9HjHbtgCPPxuJS9TPM7FjP%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C7QZTqfzfjA53urHXHgtECB6RZT4S1Tr9ZuE9&c=800&d=250&e=&g=f56c69a5db7ae8e11c249c9e42674a3e%2F3085461200531240674&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g4f2p3z7x9pc6fvfetcvvxyqgf7gkpzfyt22cca8tt8wy5svga5vsjfv65pd2dbb492jaemkqnhqapa87qmesym75dtpgx5t7fm38h6jwd329mxrj0fqk6c8gfq549edfdg1pdhb878r4m1v1w9f2jh6ft3j5myw87cfnat86583pnhmvsywhbh6cehzzg4ez11zxpt5bt6c55eg4g13c4k30k095rv2tntp897b4ncc2x8ycz9r76cs8dh8b8ndn847cbxjtca2baf6h90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.198.160 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-198-160.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 1292e867f3e50b17e289a1caf977612eee274048a01f0ce69e00d64e6ab9f546

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
last-modified: Sat, 02 Dec 2023 23:19:04 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 02 Dec 2023 23:20:04 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 869A 17 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 23:19:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 13AD 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20709
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:33:55 GMT
expires: Sun, 01 Dec 2024 17:33:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FB39 829 B
559 B 50ms
50ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

919a7152c65d04e9d4d72c136870a8917ac248ad064e6ac0b11794954c70a66c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vD_AldXrMSrxTs9nRZCtAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-vD_AldXrMSrxTs9nRZCtAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:04 GMT
expires: Sat, 02 Dec 2023 23:19:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0C74 0
11 B 38ms
38ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FpSizg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6EC6 0
11 B 39ms
39ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fEUGgw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 55B0 9 KB
4 KB 60ms
60ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=6969f718480c71bb5e689b401e9f097c%2F12872450324650571362&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1701559144423&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h40d72s3sczvgqqv7vdr65qa55dnqx9h1yzr5hdse3ra9whn3jn8qds45db3vce5shx9r45k6smjzjbdy8fdaz1gzb3ghzz1h3gmfdjhbdcc49hb3543szkh8qhs89y7vq72xe2gn8ysk368rnan1fzn0m3kk00s45x2rj177g4xh8bwtrrn3nnvaxwpprzjm272vwcfvjawee0z028wah41f71hre68yn32exgk2w4vrkccv5snjw01qt04js0fzgxxggtntrwvz34s800%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEe9-Z7trZeaIK-iSi9YPneam2AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0EFP72qerL6AIR6PyultlHFvQ0VgPWYjipf3Qv6xvPOGrz280LUAN0gAjlpHJZnyk_q54Exs6vV2DIetnszU6MRbKrirZoA4qFFi3o5dHOZRPl-N2sAer-hB-WzJX1R9Tm-OQioflEPpW0U14edGN3QpZq1zfygMYR8pk0g95Xx814eIjUHODrr53l5MJ9wqtH0hNqGQoDaFz-SCIUfN1KS5-jLSa2N6eGNcduHcU-znCIjS3c3krfmxzgtxTafBkLN3404rQE6q-VW4WDeIgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNClyOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3iW9CgNaTBvGiZisECSc5y8_a6jQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

468332897a7829a14ba616d3a5a65fce36ded1fb0b141e7a823139c3eb4d407a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hgnrm07h08w806gh8vcc2cmjywesctf267q2956cnj344ee2qe2b2qv328x3wbkmgcp14y6qns5f4n7126bakzgj31wdbx3ssk6p850mwgrdr061a6rbgfv38bvtaqyppddzz63cddwqjxv99a2f3bznd1p96t2ydmqjagypqcwakp3827bevjc8bcjbz84dwmb463c5nab9070s23se117b1b18cb38ettktjtx13j5c3qa0dfebxsjk4855fst1a4e0zx9m8phssyz7zw6rw6a4e8w9ef8z39vxp71xtrx5k7pknagb9gaxyvrs6v6b8x7m76ateq97r6f147k8e4x7dan0hw8amj8t1r3ndakt1hvp0wpy3k1m366frventfya3kzy7a41h2p3zw16s1q1qp58srqwpzqcpwwz1n2f93zvtsm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEe9-Z7trZeaIK-iSi9YPneam2AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0EFP72qerL6AIR6PyultlHFvQ0VgPWYjipf3Qv6xvPOGrz280LUAN0gAjlpHJZnyk_q54Exs6vV2DIetnszU6MRbKrirZoA4qFFi3o5dHOZRPl-N2sAer-hB-WzJX1R9Tm-OQioflEPpW0U14edGN3QpZq1zfygMYR8pk0g95Xx814eIjUHODrr53l5MJ9wqtH0hNqGQoDaFz-SCIUfN1KS5-jLSa2N6eGNcduHcU-znCIjS3c3krfmxzgtxTafBkLN3404rQE6q-VW4WDeIgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNClyOLx8YID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3iW9CgNaTBvGiZisECSc5y8_a6jQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82f74aed2ab23835-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:04 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D07B 13 KB
5 KB 38ms
38ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20709
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:33:55 GMT
expires: Sun, 01 Dec 2024 17:33:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7B1F 829 B
561 B 50ms
49ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d7d5b6fa606e1729869a8da6f30632979b1dba09e5cd3d5cfcc295bf3ee405c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q9BFtS3jIU3b34kDcJEx4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-q9BFtS3jIU3b34kDcJEx4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 23:19:04 GMT
expires: Sat, 02 Dec 2023 23:19:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8567 0
11 B 38ms
38ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yxgOWA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FB39 0
0 72ms
72ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=573928386794852&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 13AD 39 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:12:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 22:12:38 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame D07B 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:12:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 22:12:38 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 55B0 115 KB
14 KB 91ms
90ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=6969f718480c71bb5e689b401e9f097c%2F12872450324650571362&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1701559144423&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h40d72s3sczvgqqv7vdr65qa55dnqx9h1yzr5hdse3ra9whn3jn8qds45db3vce5shx9r45k6smjzjbdy8fdaz1gzb3ghzz1h3gmfdjhbdcc49hb3543szkh8qhs89y7vq72xe2gn8ysk368rnan1fzn0m3kk00s45x2rj177g4xh8bwtrrn3nnvaxwpprzjm272vwcfvjawee0z028wah41f71hre68yn32exgk2w4vrkccv5snjw01qt04js0fzgxxggtntrwvz34s800%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEe9-Z7trZeaIK-iSi9YPneam2AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0EFP72qerL6AIR6PyultlHFvQ0VgPWYjipf3Qv6xvPOGrz280LUAN0gAjlpHJZnyk_q54Exs6vV2DIetnszU6MRbKrirZoA4qFFi3o5dHOZRPl-N2sAer-hB-WzJX1R9Tm-OQioflEPpW0U14edGN3QpZq1zfygMYR8pk0g95Xx814eIjUHODrr53l5MJ9wqtH0hNqGQoDaFz-SCIUfN1KS5-jLSa2N6eGNcduHcU-znCIjS3c3krfmxzgtxTafBkLN3404rQE6q-VW4WDeIgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNClyOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3iW9CgNaTBvGiZisECSc5y8_a6jQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=6969f718480c71bb5e689b401e9f097c%2F12872450324650571362&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1701559144423&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h40d72s3sczvgqqv7vdr65qa55dnqx9h1yzr5hdse3ra9whn3jn8qds45db3vce5shx9r45k6smjzjbdy8fdaz1gzb3ghzz1h3gmfdjhbdcc49hb3543szkh8qhs89y7vq72xe2gn8ysk368rnan1fzn0m3kk00s45x2rj177g4xh8bwtrrn3nnvaxwpprzjm272vwcfvjawee0z028wah41f71hre68yn32exgk2w4vrkccv5snjw01qt04js0fzgxxggtntrwvz34s800%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEe9-Z7trZeaIK-iSi9YPneam2AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0EFP72qerL6AIR6PyultlHFvQ0VgPWYjipf3Qv6xvPOGrz280LUAN0gAjlpHJZnyk_q54Exs6vV2DIetnszU6MRbKrirZoA4qFFi3o5dHOZRPl-N2sAer-hB-WzJX1R9Tm-OQioflEPpW0U14edGN3QpZq1zfygMYR8pk0g95Xx814eIjUHODrr53l5MJ9wqtH0hNqGQoDaFz-SCIUfN1KS5-jLSa2N6eGNcduHcU-znCIjS3c3krfmxzgtxTafBkLN3404rQE6q-VW4WDeIgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNClyOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3iW9CgNaTBvGiZisECSc5y8_a6jQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1700261
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQeaBdQ0XKlo37RvEuIQHJ%2FxL%2BOvT8e%2BMbRpuScxRZEYA2lVe36komP8WjwfOvsMhBthi2cmf98%2F0%2BGBa5VGPOXlMiuri5eTlGtbHCaaNiMhCmO12tVyprF%2Fz2DUOj%2Fy0TztIu3DcUY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 82f74aed8b4b3835-FRA
expires: Sun, 03 Dec 2023 23:19:04 GMT

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 55B0 8 KB
8 KB 51ms
50ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=6969f718480c71bb5e689b401e9f097c%2F12872450324650571362&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1701559144423&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h40d72s3sczvgqqv7vdr65qa55dnqx9h1yzr5hdse3ra9whn3jn8qds45db3vce5shx9r45k6smjzjbdy8fdaz1gzb3ghzz1h3gmfdjhbdcc49hb3543szkh8qhs89y7vq72xe2gn8ysk368rnan1fzn0m3kk00s45x2rj177g4xh8bwtrrn3nnvaxwpprzjm272vwcfvjawee0z028wah41f71hre68yn32exgk2w4vrkccv5snjw01qt04js0fzgxxggtntrwvz34s800%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEe9-Z7trZeaIK-iSi9YPneam2AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0EFP72qerL6AIR6PyultlHFvQ0VgPWYjipf3Qv6xvPOGrz280LUAN0gAjlpHJZnyk_q54Exs6vV2DIetnszU6MRbKrirZoA4qFFi3o5dHOZRPl-N2sAer-hB-WzJX1R9Tm-OQioflEPpW0U14edGN3QpZq1zfygMYR8pk0g95Xx814eIjUHODrr53l5MJ9wqtH0hNqGQoDaFz-SCIUfN1KS5-jLSa2N6eGNcduHcU-znCIjS3c3krfmxzgtxTafBkLN3404rQE6q-VW4WDeIgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNClyOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3iW9CgNaTBvGiZisECSc5y8_a6jQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 967497
cf-polished: qual=85, origFmt=jpeg, origSize=12951
alt-svc: h3=":443"; ma=86400
content-length: 7758
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Oct 2023 22:22:01 GMT
server: cloudflare
etag: "12e3523b35b31c7ddfe7c77dcdb14a34"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FYTr7k6pTXwKhzLexPhzwyJpkGhWxpHpalyzd8LaVYvxMiU1YYswc8XlVNYpo22hLG3%2BI5QdDl1KFkzdgq0XoiMKEw%2Bh%2FlRYFdgcFoSEt3M7vCkUChnV4AtATvSXI%2F8ZN4PvoqAiGDmZmLI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aed8b533835-FRA

GET
H3 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 55B0 20 KB
21 KB 91ms
91ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=6969f718480c71bb5e689b401e9f097c%2F12872450324650571362&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1701559144423&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h40d72s3sczvgqqv7vdr65qa55dnqx9h1yzr5hdse3ra9whn3jn8qds45db3vce5shx9r45k6smjzjbdy8fdaz1gzb3ghzz1h3gmfdjhbdcc49hb3543szkh8qhs89y7vq72xe2gn8ysk368rnan1fzn0m3kk00s45x2rj177g4xh8bwtrrn3nnvaxwpprzjm272vwcfvjawee0z028wah41f71hre68yn32exgk2w4vrkccv5snjw01qt04js0fzgxxggtntrwvz34s800%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEe9-Z7trZeaIK-iSi9YPneam2AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0EFP72qerL6AIR6PyultlHFvQ0VgPWYjipf3Qv6xvPOGrz280LUAN0gAjlpHJZnyk_q54Exs6vV2DIetnszU6MRbKrirZoA4qFFi3o5dHOZRPl-N2sAer-hB-WzJX1R9Tm-OQioflEPpW0U14edGN3QpZq1zfygMYR8pk0g95Xx814eIjUHODrr53l5MJ9wqtH0hNqGQoDaFz-SCIUfN1KS5-jLSa2N6eGNcduHcU-znCIjS3c3krfmxzgtxTafBkLN3404rQE6q-VW4WDeIgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNClyOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3iW9CgNaTBvGiZisECSc5y8_a6jQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 314637
cf-polished: qual=85, origFmt=jpeg, origSize=23329
alt-svc: h3=":443"; ma=86400
content-length: 20802
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2023 16:54:32 GMT
server: cloudflare
etag: "e320c43993ae8577c544483e96756c59"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcS%2BdyqJmJwquoroeLykWHE3Aftg2rcnDajFPv%2Br4Fiaxq%2B90mPDsRrs6F3oinInkhJRJ2J0x9oUcpoOiA%2B5zLR3VoxAMAlOsUN5PrMwc84SNLgmmqixRNpfqnt1ScVtCvwloHx1jIkqR93%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aed8b553835-FRA

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 55B0
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNjJgePx8YIDFRqf_QcdHEkOCA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023120300190490984991081X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...

49 B
1 KB

156ms
56ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023120300190490984991081X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023120300190490984991081X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=6969f718480c71bb5e689b401e9f097c%2F12872450324650571362&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1701559144423&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h40d72s3sczvgqqv7vdr65qa55dnqx9h1yzr5hdse3ra9whn3jn8qds45db3vce5shx9r45k6smjzjbdy8fdaz1gzb3ghzz1h3gmfdjhbdcc49hb3543szkh8qhs89y7vq72xe2gn8ysk368rnan1fzn0m3kk00s45x2rj177g4xh8bwtrrn3nnvaxwpprzjm272vwcfvjawee0z028wah41f71hre68yn32exgk2w4vrkccv5snjw01qt04js0fzgxxggtntrwvz34s800%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEe9-Z7trZeaIK-iSi9YPneam2AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0EFP72qerL6AIR6PyultlHFvQ0VgPWYjipf3Qv6xvPOGrz280LUAN0gAjlpHJZnyk_q54Exs6vV2DIetnszU6MRbKrirZoA4qFFi3o5dHOZRPl-N2sAer-hB-WzJX1R9Tm-OQioflEPpW0U14edGN3QpZq1zfygMYR8pk0g95Xx814eIjUHODrr53l5MJ9wqtH0hNqGQoDaFz-SCIUfN1KS5-jLSa2N6eGNcduHcU-znCIjS3c3krfmxzgtxTafBkLN3404rQE6q-VW4WDeIgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNClyOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3iW9CgNaTBvGiZisECSc5y8_a6jQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 23:19:04 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023120300190490984991081X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023120300190490984991081X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date: Sat, 02 Dec 2023 23:19:04 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 55B0 4 KB
5 KB 51ms
51ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=6969f718480c71bb5e689b401e9f097c%2F12872450324650571362&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1701559144423&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h40d72s3sczvgqqv7vdr65qa55dnqx9h1yzr5hdse3ra9whn3jn8qds45db3vce5shx9r45k6smjzjbdy8fdaz1gzb3ghzz1h3gmfdjhbdcc49hb3543szkh8qhs89y7vq72xe2gn8ysk368rnan1fzn0m3kk00s45x2rj177g4xh8bwtrrn3nnvaxwpprzjm272vwcfvjawee0z028wah41f71hre68yn32exgk2w4vrkccv5snjw01qt04js0fzgxxggtntrwvz34s800%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEe9-Z7trZeaIK-iSi9YPneam2AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0EFP72qerL6AIR6PyultlHFvQ0VgPWYjipf3Qv6xvPOGrz280LUAN0gAjlpHJZnyk_q54Exs6vV2DIetnszU6MRbKrirZoA4qFFi3o5dHOZRPl-N2sAer-hB-WzJX1R9Tm-OQioflEPpW0U14edGN3QpZq1zfygMYR8pk0g95Xx814eIjUHODrr53l5MJ9wqtH0hNqGQoDaFz-SCIUfN1KS5-jLSa2N6eGNcduHcU-znCIjS3c3krfmxzgtxTafBkLN3404rQE6q-VW4WDeIgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNClyOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3iW9CgNaTBvGiZisECSc5y8_a6jQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58752
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X92vs0KlOClTXP5zXYe2MiUcKgN1zLYBOhXDF128eO2ifBjm%2FB6%2Bczp7dJcvG%2B8B9kUCq%2B46SLfzHTMwfJfLpejrVTlwX68PKPC3O18T5CuqaQ8fthWo%2BicC9BIAWBsZIx6aCoM3RQn7Z5of"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aed8b563835-FRA

GET
H3 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 55B0 15 KB
16 KB 99ms
98ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=6969f718480c71bb5e689b401e9f097c%2F12872450324650571362&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1701559144423&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h40d72s3sczvgqqv7vdr65qa55dnqx9h1yzr5hdse3ra9whn3jn8qds45db3vce5shx9r45k6smjzjbdy8fdaz1gzb3ghzz1h3gmfdjhbdcc49hb3543szkh8qhs89y7vq72xe2gn8ysk368rnan1fzn0m3kk00s45x2rj177g4xh8bwtrrn3nnvaxwpprzjm272vwcfvjawee0z028wah41f71hre68yn32exgk2w4vrkccv5snjw01qt04js0fzgxxggtntrwvz34s800%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEe9-Z7trZeaIK-iSi9YPneam2AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0EFP72qerL6AIR6PyultlHFvQ0VgPWYjipf3Qv6xvPOGrz280LUAN0gAjlpHJZnyk_q54Exs6vV2DIetnszU6MRbKrirZoA4qFFi3o5dHOZRPl-N2sAer-hB-WzJX1R9Tm-OQioflEPpW0U14edGN3QpZq1zfygMYR8pk0g95Xx814eIjUHODrr53l5MJ9wqtH0hNqGQoDaFz-SCIUfN1KS5-jLSa2N6eGNcduHcU-znCIjS3c3krfmxzgtxTafBkLN3404rQE6q-VW4WDeIgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNClyOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3iW9CgNaTBvGiZisECSc5y8_a6jQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1962940
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rITBmUL%2FzXt3M0Vqz599%2FAVyj2nJRk2MKZ6kpPUg3%2B3bdjYJBvFsOR08kOs%2Fyhy6GXYOeve3Oh85l52WYd8FWZL%2FPQkJpswDgyNMYhqr4lUV2LixFDVdSa9b6oFTE%2BKHMBMACrPdhVbShSzY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aed8b573835-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 55B0 43 B
702 B 128ms
128ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneid2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcgoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=6969f718480c71bb5e689b401e9f097c%2F12872450324650571362&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1701559144423&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h40d72s3sczvgqqv7vdr65qa55dnqx9h1yzr5hdse3ra9whn3jn8qds45db3vce5shx9r45k6smjzjbdy8fdaz1gzb3ghzz1h3gmfdjhbdcc49hb3543szkh8qhs89y7vq72xe2gn8ysk368rnan1fzn0m3kk00s45x2rj177g4xh8bwtrrn3nnvaxwpprzjm272vwcfvjawee0z028wah41f71hre68yn32exgk2w4vrkccv5snjw01qt04js0fzgxxggtntrwvz34s800%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEe9-Z7trZeaIK-iSi9YPneam2AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0EFP72qerL6AIR6PyultlHFvQ0VgPWYjipf3Qv6xvPOGrz280LUAN0gAjlpHJZnyk_q54Exs6vV2DIetnszU6MRbKrirZoA4qFFi3o5dHOZRPl-N2sAer-hB-WzJX1R9Tm-OQioflEPpW0U14edGN3QpZq1zfygMYR8pk0g95Xx814eIjUHODrr53l5MJ9wqtH0hNqGQoDaFz-SCIUfN1KS5-jLSa2N6eGNcduHcU-znCIjS3c3krfmxzgtxTafBkLN3404rQE6q-VW4WDeIgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNClyOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3iW9CgNaTBvGiZisECSc5y8_a6jQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 23:19:04 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 55B0 2 KB
2 KB 59ms
59ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=6969f718480c71bb5e689b401e9f097c%2F12872450324650571362&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1701559144423&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h40d72s3sczvgqqv7vdr65qa55dnqx9h1yzr5hdse3ra9whn3jn8qds45db3vce5shx9r45k6smjzjbdy8fdaz1gzb3ghzz1h3gmfdjhbdcc49hb3543szkh8qhs89y7vq72xe2gn8ysk368rnan1fzn0m3kk00s45x2rj177g4xh8bwtrrn3nnvaxwpprzjm272vwcfvjawee0z028wah41f71hre68yn32exgk2w4vrkccv5snjw01qt04js0fzgxxggtntrwvz34s800%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEe9-Z7trZeaIK-iSi9YPneam2AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0EFP72qerL6AIR6PyultlHFvQ0VgPWYjipf3Qv6xvPOGrz280LUAN0gAjlpHJZnyk_q54Exs6vV2DIetnszU6MRbKrirZoA4qFFi3o5dHOZRPl-N2sAer-hB-WzJX1R9Tm-OQioflEPpW0U14edGN3QpZq1zfygMYR8pk0g95Xx814eIjUHODrr53l5MJ9wqtH0hNqGQoDaFz-SCIUfN1KS5-jLSa2N6eGNcduHcU-znCIjS3c3krfmxzgtxTafBkLN3404rQE6q-VW4WDeIgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNClyOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3iW9CgNaTBvGiZisECSc5y8_a6jQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144210
cf-polished: origFmt=png, origSize=2170
alt-svc: h3=":443"; ma=86400
content-length: 1662
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Nov 2023 08:38:25 GMT
server: cloudflare
etag: "4721aa7c2d5fa652c8092463f9a485bd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCmShRMIKuZON6HGSbMWFmtj6t97ZuTlWH2CKdN8rpcpnTAfzB8N0B%2FEtZy3jzlmeACT4Ha6C1FNptIYJWLMoPcLsSMjdcHBqvn0Uih091mfC2VOr1PUsKhANdjoj16Db00n654eWEHFqQjF"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aed8b593835-FRA

GET
H3 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 55B0 23 KB
23 KB 60ms
60ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=160&d=600&e=&g=6969f718480c71bb5e689b401e9f097c%2F12872450324650571362&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1701559144423&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h40d72s3sczvgqqv7vdr65qa55dnqx9h1yzr5hdse3ra9whn3jn8qds45db3vce5shx9r45k6smjzjbdy8fdaz1gzb3ghzz1h3gmfdjhbdcc49hb3543szkh8qhs89y7vq72xe2gn8ysk368rnan1fzn0m3kk00s45x2rj177g4xh8bwtrrn3nnvaxwpprzjm272vwcfvjawee0z028wah41f71hre68yn32exgk2w4vrkccv5snjw01qt04js0fzgxxggtntrwvz34s800%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEe9-Z7trZeaIK-iSi9YPneam2AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0EFP72qerL6AIR6PyultlHFvQ0VgPWYjipf3Qv6xvPOGrz280LUAN0gAjlpHJZnyk_q54Exs6vV2DIetnszU6MRbKrirZoA4qFFi3o5dHOZRPl-N2sAer-hB-WzJX1R9Tm-OQioflEPpW0U14edGN3QpZq1zfygMYR8pk0g95Xx814eIjUHODrr53l5MJ9wqtH0hNqGQoDaFz-SCIUfN1KS5-jLSa2N6eGNcduHcU-znCIjS3c3krfmxzgtxTafBkLN3404rQE6q-VW4WDeIgAbo09Xficvd09YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNClyOLx8YID-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3iW9CgNaTBvGiZisECSc5y8_a6jQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1616199
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 23392
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:23 GMT
server: cloudflare
etag: "faa9f958d13ef03f911b71f117846705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ONASrnyUUNP5ps0jrI8cJizzsRvJYALEeqfijsbVnyFo504FGO%2B91lVYDX1P593ib9VLqGzrZ3Oki6yCDpl4KurOjjEa1MyLF8TZG2ydEb56EcQmQpFXkyW3He4723PHFr9UMSyuwR8STOQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82f74aed8b5b3835-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 55B0 43 B
702 B 160ms
160ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 23:19:04 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7B1F 0
0 72ms
72ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=3811779048352786&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 13AD 0
11 B 38ms
38ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NJpXvg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D07B 0
11 B 39ms
38ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?c1LgWw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 9287 53 KB
19 KB 192ms
51ms Script
application/javascript 18.66.27.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&wgprogramid=278155&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hccca7bbdwrwcwpc2g71x8vfmdezk5zs2e79rvhv7jn8a6yark10zt4dcrq96m5cp2fj5cm39xvm44xfakrr6t8kt0dzddz604wqtv2vxfr8khfj7gnppmmxcx1q7mvmaw14ha4szj59aq74ebge58g900ze75jnx6pkwqc914r8psykaka1pn817f2p5hxcm2f1rn7wtwd1d3t7wm7hn5m1pz2b8edy35jj9pdwhpc66tck5qf3m1nbjy3gvsec9eg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g4f2p3z7x9pc6fvfetcvvxyqgf7gkpzfyt22cca8tt8wy5svga5vsjfv65pd2dbb492jaemkqnhqapa87qmesym75dtpgx5t7fm38h6jwd329mxrj0fqk6c8gfq549edfdg1pdhb878r4m1v1w9f2jh6ft3j5myw87cfnat86583pnhmvsywhbh6cehzzg4ez11zxpt5bt6c55eg4g13c4k30k095rv2tntp897b4ncc2x8ycz9r76cs8dh8b8ndn847cbxjtca2baf6h90%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneid7QZTqfzfjA53urHXHgtECB6RZT4S1Tr9ZuE9oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&viewref=oneidm3AsefGfWYXGSmHZHZtztkDerhKSwTX8AfbJoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.27.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-27-17.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 12:36:09 GMT
content-encoding: gzip
via: 1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 16:26:10 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 38576
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: M0xz4rgTBvRMbXhHIIGu-vSORNw0WXwxsK6F-eIYweqrQVMY0RPqeA==

GET
H2 200 1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png
cdn.track.production.webgains.team/278155/ Frame 9287 2 KB
3 KB 152ms
43ms Image
image/png 13.224.132.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/278155/1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png?Expires=1701559444&Signature=dSpIFCjSPUdlZfXbxXEbMipxipImyrJI7zrFj2GjB4HEq6~hHPXxfMPXgXmJPZ~uJUpubx-XWvllCinr9vJpuYcDDWUt2uSQa059T6y43ZGZAKCdhDtVyutapyl-ixiIPF7HorEIEYvtrb-dP2I0SkwQ~YPhc5GqEHQw6rRYZg2vmsG1Wki84CJrc-sdgU5Xc7WAlE0~OUWEW~Gnz1WolsTbkxY7KO~99~QzuWR6p0JSZaALhxq9m1A9enYoLu7aL-VMMoORughzU6EvAJY4B7knfi7V3q-ymHFFfYPu7Pz00a-546xRr46c~xU8EKKZ093x-y6lis-S3v6MUpviDw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C59372%2C177100&b=r2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1p%2C13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2Cm3AsefGfWYXGSmHZHZtztkDerhKSwTX8AfbJ&f=PxefBfbfbjWET9HjHbtgCPPxuJS9TPM7FjP%2CwA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C7QZTqfzfjA53urHXHgtECB6RZT4S1Tr9ZuE9&c=800&d=250&e=&g=f56c69a5db7ae8e11c249c9e42674a3e%2F3085461200531240674&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1701559144189&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g4f2p3z7x9pc6fvfetcvvxyqgf7gkpzfyt22cca8tt8wy5svga5vsjfv65pd2dbb492jaemkqnhqapa87qmesym75dtpgx5t7fm38h6jwd329mxrj0fqk6c8gfq549edfdg1pdhb878r4m1v1w9f2jh6ft3j5myw87cfnat86583pnhmvsywhbh6cehzzg4ez11zxpt5bt6c55eg4g13c4k30k095rv2tntp897b4ncc2x8ycz9r76cs8dh8b8ndn847cbxjtca2baf6h90%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyH7VZ7trZeq3FIKii9YPtquw0ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQKHFnI5ikKyPqgDAcgDAqoE0AFP0HzTN62GeKqT03al1wNEym_A891EEEttNCoge3aSYYVVxxQ7d4SU8jTSykpCnHP3NQn4kis-Wzdmt4l4VDJuaTEs_D1bay2BZFD2ug_M0OczymGk80PRtzWz8C51S8ZfbnnIGtFrah48yy6hjlTPcyXnq5-LGQ6LUMVszapj6Rf51YoixsMe-Ez37wluq28iEy2cZKzNnC3IvXnGwjnjxSxGWiC2Xox8vVs4_IVH1DKxxUX-DhYcsGAfItyCAUQg2IPBkluA1-E4eqdY8cAjgAbnzKSR8NGd2XSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY89ax4vHxggP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_32vmsVz-Yf1lLKmrsC5OBYV4sxWg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.132.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-132-52.lhr3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 02 Dec 2023 03:14:24 GMT
via: 1.1 1de7ecec44e546a1e71d662ee3f2ba42.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:31:16 GMT
server: AmazonS3
x-amz-cf-pop: LHR3-C2
age: 72281
etag: "90a67412ed0b25c3e4ca2ad17658d5e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2545
x-amz-cf-id: HWODiM6uufIbY9DYRIS5rG_S1hnINRAA7wwCeMcDU9_TJAeEA4Ju_g==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3884 0
0 75ms
75ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=1611315753300357&bg=!ISKlIm3NAAY3kmNgF5I7ADQBe5WfOFIF1UXffToyaPL2hnexYYj9qySIMx6Jd669bHxIR0Kj3iaeQztPMs1zrQDow_ozAgAAAEJSAAAAAWgBBwoAFZsg2wUgtmn9TrGxmX0-C8Geh7VcQpkC_n96pDcfjSOfPUnVFMb2TczCY5LDmCBVwNqYnO8IrJTKnP6XHOtqkvQBNZ6LGk6SdwQmwsgSr4wFVnUSx0cOrUS3iAP4feuHa_h44sjdYkE0RZqlXjAm8v5Z5val6l9wm6swkhD74tQCP-CBCAcsylG9vjuus9a_YMI3VguKxZuCHGSUjTPrT_yYhVku3LlGcwleEDznOT4o2sw-BYExKfgM89t5DXT5j9c2SF4IyvIk6W-ogdUWWf1E1uboX91TzeK8sisgo2WxQR1QzuECDmrwCHAFr9fW3eRAbdH8lnXXG0XLfpQK1WoWc0YGSQ8X9XI5qrxqNQb57sfgUKooT-iLD92W4F1Kq8Wz-Hwcx1yi0xw18YnacoeOYDlcH5ifGKL96D89xxAFvL090H409bTbHuybTypB3-zK3qboRw_f8AUpGLafO9bxGTYTlHnMUx8HXOljrwO1PANaM-WUI63cYZkCkYP52ehoXWWuwT-NhHeFC6D5f6GQKcwwpNc9BAin5sHftzHU15OtUFwA2bi0ZYVxbIUCxIBHTIE4-EgDcBca4JJ2hqp3gtRJeO77RyEDdUPBEQqvIbeuTrW1aLL7sTbSKDjIKVLFiG3FklMyDm1iv0iW4sXisabGnQ-CM1XJAO9s1Fxa_otM_i73UFo3PLJ5wnzfjdmC_VwxGDbiCeebTWNHqcxTw5GzRz6Bnj5tzdzvos4Lv0UW3Lu9ovMXQE7rewkoxAmGXct7zz2MD1eCQluE8oGFSnO-opEtyY97-aomH9H9zfoZYxxEvRG8Nx1LGM3PCFK0iimxObIpJ3EmAYI01ZCRcGmiCEdydPvb7E8BAXNWIw2-zPjGlI6UiQZ0BAY4VVC3UK9vhg8QVznU6UFwjI2HkSQRzkRWc5TUq3WsmncxCyqVquN4jSToT2wdIfMkP2apvjzmGnCcKUZJ8UGHKn2uGnN9Z0RtXwrRij_-7CzMkxAHtJxKR0UYrKtsk8QidJfb_uBzLCP0L25ZZ6jz_Pnu4VxZ9MI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3884 42 B
64 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgiIAOAc2pLRtD5rLjH-vwLQioW4zWo74Rt7Jk_trq5w6OER2gRLhqWlq68hsUpO4RrfXDa4xlnHM11RtMZPhM685sKZwTCJ5O-1DN91A5Ll-cdb85jmFCXVkYZ4LNQwA976PSfXnPpw&sai=AMfl-YQxoT0doBmpqqSVOM575ThFHOPots7A6TmctXZS9cdYqJkuhho&sig=Cg0ArKJSzIPWeIIdktSVEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=807729522&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701559142653&rpt=1084&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 23:19:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F4C3 0
0 75ms
74ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=3711935980509958&bg=!MjGlMX7NAAY3kmNgF5I7ADQBe5WfOB7hQDcH_LfoyBLVT2qqYl5exL_m7Uf6IIdTOoJXSUy65ftU5bXXc6Vgl828hM4QAgAAAE9SAAAAAWgBBwoAi8Ldi8lhQExSLstP2KjJeRuKXbjHsxi2V5DfPbqknbsYFKXngua_LAsKHTYoJrJ3eI_3ZH3IxP66oCZ2doX-tkujLf6pS1tZRlCilgcq1x0yixNSYnEyiyVICv62x-Jjj_aCiMLSyjGqhZelj1xJYuSwToadATA1diauv-PaCLVvd9zsFVNstuDVnj6ZAwEz22EsdgUQWaNWhx3H77x_B71T3k6ORkiPSoSE_2ROwHV-J-s6oAZzkZy9BDzR9EpnmMEH7GSPld53cSgdyRnVeTYb42fqfzSFsyagI4dMTW0EIXuUvb7Vu4PzxhYqEAOo9beUHzEhnA6vmcOjkW1T8XDwZ0xhP60LYJe0J6z1ftg5c7zhJHbI3iSFPxbbW2XWfYBhp67kQSpitjF3vw6uJHnVoALf43lFIUmghnONxFkc_Mp6VhlNZS1dKwX0QBRNxzeURGNMI4dDcEyYQ4hJyOynmQyH7LiCFhsUot0hUskJAfjuB43Mnttvn4oRREhQI6BFMBAcePlmygj1T9m9Dz7WklA7Eus68DwAvoJRoJqT6BymGVt2nG1fq2ci5rDjVHuf1ZnmUvmIwYFmc27-9IKncydRGGIqYUSbSnFy693YBNu6FfFoRe_4QZqwTMp7H2P12MHi3Bx_pqVrEoghCnq7wEHFX7J_uDhwr8tbc-WaPmDfWa88meeL5c8rAzVXFF-pnXcyE4kPdPKI7w7lQbnIzttLpzlUH3fqu1BrtimG-oXT5j6QGCPwcYuq5aNyGHw8qXZFIgZIIgAQXaRRYkzQbPlameFVLhK1jpzWK7AkqioT76dc7G_piY8lNavpnhgTlz62UhUz8a70a9eJDlqnr3c_kJgqcHOTC6otGjY_1wrtZB_iUBDfufjObiv07X_fNMfY5I9HJKH5LXGjKBwGF6jCaxEB-YoMb_b0ug5pwHcj5FbtpuXxz13iRQZbf96scdp-5B9xO9UeiLBRaLO07LuTNC5NXNsr-3HEWC7-tkHF9_AfMVrK6odmseqhv1CwvRoUudPhmSuT5oR4mY_j4HxC4IpQ7PlsBnR9VN_dvzj5xvl0QvdWKuHEndZjxcX9zyYVRs4GvafNLKOFK8LAYSKDbJilCqoDD-BaMMopjrbg5asehE0YdjkHP4Juo35vGNlupcdFzvh3dceJ1K-00FRowZ0bmTJJNELWHBq6w9nhsCezoyy-Op_k41qr
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A906 0
0 76ms
75ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=3392804194511494&bg=!kZKlkt3NAAY3kmNgF5I7ADQBe5WfOHUdNJt-_JJfwiRdulkRzOrxhCx87_dOxApcJYvmq2pYWEOZE8JdhACK5WjMiVmkAgAAAGNSAAAAAWgBB5kDAtZa6QZJKxwlTuSDi66drpVHJ-FNPaNQY22MMDo5FcIFN4QHw31pRMA2Ge7N5-kuBOh1gVeB--04Z1xteJDJZMp3Pwi8tL6mNVtxC7_ki9vgq1MYBseyHVPHJ2n-U5e3DbDuj0lzsFnT9CChOl6XoOke-yEPAC8ImgEK-vEnhrdbK_iMVQn7BqtMNEtfPNW4Db7Episa-Dly221ytFGCPppsWh-eWYTkpB0Adhs7N1KTgikD_N8jOxEwls9jBWMOiQ6yLLoYbJLE3kb3KySa-f8heTEt-BvHDgDRTVEXHmoPFJZ01iP9WZlWSryuMwwSbLvbNjF522M8RkFbzbYuzlnZv822ZewxCkOJqSE-qDd0LHI93r6KgqPYjQBx8QspZBCovISVQsCFMoaGM9yDt3zqgnbX7yBxEi_H9Quqtzwxroevu5LrfnZZNYnNkKPt0-xk9NnGWZFgqYAx8ZMkVCAvVorzCfJlI93Rh7Hvb7I0L0NSfAVWaHudZrigycYmqGPWZ-Ftjlsw2rh8ylKyDumpzlZGMehFI5FVO_S3FOEGkgPbGXSkKUGXZre43kAfRK1zIBNNrR2qndyzHgXIGZ8oHE8LqiVwE_4XfVUCalNNMQ_itz8OeAwYWWs9JxnMCK-CiOQG-pfru1PMtmyPKlk7BIgYWy25-9MxTOt6-m541bAYXIkGeU2Y5ONb_okM6qEBlDIinWCgak9WPKA9mtryGHPd40YmPvXm9dYepva8JUKihf6lks1_dvfAYglzTo06nUeJvAb7wjklyyfJE_EbksUcoK15yoYz5QjOP5I44XXkXodmN0fQPrvrZSbuBlicGFGRRp97j7MtSpfLlJL8cY54FLKMC83l4K_ph5Lenw5MmDhKkibZmHuSm5yIbXeHPPPDbYSlCqwyQQXt3N6lTA6JGVQ3Y7akxUr83_Qyl1cTMpB3nKYgiM2nZ1dbr6Gi_B854DDE_C1b4G8CHKrYDzkASenaslzXbw6M1lX_FiFy0DgLZtYsl05U3mDRPEZ8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6B2B 0
0 75ms
75ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=3717604420102411&bg=!dHeldzjNAAY3kmNgF5I7ADQBe5WfOO_1JxPcElO1Tnx32DRC8Wuefld1yUo_gSHJBtN915p0aUGjUaXa6ZvYJ_tZlauVAgAAAFpSAAAAAmgBB5kDDDXbm36sU0d420PQAjrD0p3Po7WACkdK84mqDGlzmc4XwQYCBuga8oSVhuIUabEDHjbbjBZa4_j3IoaeH9G-qCKZb0rypM9f7neAdxpz4kyzSD2VGkuq1kTlus9o5u_wV95ay9mZU2EdMeahMXc_cFUshL3Sww6-dCwv8o_PUORmz5lz9JWq63St9CVDT_FsJwvcK6E2_AdHmF4kix9MHJXJQAABWQpCeRL3m3Og6_EMYbw3K3UdMJJUX5jqlGTSV49wAAJlT6fqth2m4y2NC_bXCEKZqn6m1qGn8Gal6soJddpB7iPB_l3ELxSh1pwPgSrY8SJcishHUs-yGq_2wtWW8qg5CnxaVHofXm-u6VQHgsTW8h0QB5rcrnLUt-E7craWXj2XLvbYzAMgFzNv_GlPTw97W3UqS3esOR8J90_752xToSGzHX3rwD-O8lu6jci0G6g-kvNgkRhsILsvTmQ_w49rk46WleTb3oxxQCj8rQN0-nx1tNwZLCFWEN7cEIRrqtKSV7kqlZLR0RArxkfH8sVfaulNOlKf52FjNFZKgsVxgaEEs8smtcY8Qd7Cd3AObRUWGmNvX3KekUB7UaX5aOuGsVLXxCujE_CNeX7I6TzGPmp7svdE7s-mE9r6dbM5tViAoG7nzNG_-C1gFHzVnDOPMWMobPStRUpeTe70F_HmfVmCZ3JVwMq428ozeoOEkDrpq_PzuHxCSasjYAZlMV0hpYMItYRiHNZA7CFjj69Xb7DI5-cJWgRTibUEMdCy-VNVLXP2sG4goMqbz3IskkYmyUYjzHBBNXnMquFqUjCE7Js242pTM-lKVxxkAAueuG2rMEKENaaJXV7649RmclAjYoOyKPWUxTOfcxXcAV4Puun63wdoLprCBdgbiy1kp40T5gks22ijVR_Fy5exyFB2r__pq_f6X_9Ho1DRosJ4U3WWB7sWnTm4cKASkLY3K_lkc7R9JX6wgRFbYXH8p38LXW1aZFyzZoGy3MnehDzpD9jgTBlM8oOiPvWKXX62qyXte5Vji8aXhw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4F21 0
0 75ms
75ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=69011117150141&bg=!TE-lTwDNAAY3kmNgF5I7ADQBe5WfOIpOBDszlCUEEhphX2XfZtnPdUFdAD5-oAyj48NA-kgFpjj5U-NdXHa9hfGWpfabAgAAAEtSAAAAAmgBBwoAGEF4ezzwKgsU70uv80r6F7TB0mPjr5xDn5kDA9SQNz2E5UCkD3qdMZCZ_uEd4DNVZmhTeHC1jEODZFwgfF0ECKuOjV7r8DnSz9Y_YbWORbH-mIksv7Vst6DDtlaYxSZjoQ_7JS6shuiiwif__GIeua1sVpEKjIFtqeNmoHdj-Iyvi6YVKYC-8Ypa2_q3VxJRqd3VweD2XZQiyWpn-OMZWyt0OemxlPpRpBxgTnbvHOqtBbHaxIvwQbRMvhNhX7JRcvNaCUTWj22nWc4MLV7HPujlkVSlCWeI1ZRZyPCOHGooMBY9MXvauVAVW2XLKExRA3bqN4vQ-mpZPrLfv-XjX2TU3K5EGzSBZWbiinQgF8hU2UUR9Q0t8-AD4lcRi6ezD3vP0eA7CB_bs9mfSLKpCtfpLoQvQ72FxvExEMjgHSShAbgrHg_6QQEPG6Ngi2Z0THVtMM1m8T6YqAn2auK2fbRab7alNztDt5ZCe2t7T8-s486rzz3J36vFlFCww4hkWBz9H88xMwcBLq7TbI-drGBqu2gyKWTZz79U3DPQN8WLeWoQPYDWDPaPItp4p4rZI5B0ZoFFy5qYMx47DhACkl9iU1JB76w1BPfCYz7tSHoep1qvbLwWf6ZclvX6caiCtaZMnrXIWvw3ufekUdqXbKLHQKFaoeOqnEDTEWuhChbk0B-Ex0JJJLiI9f6hBNshWPP5vFgYWeRixc_FJ57NAebycY-nTHqY-jYQhbb-SVqK2C1SLmLcjxdGSGo7aRLn-PNo4mxPBQL5lgtGrlYsNeFjpvsAQKAl86mDOAcMoeuLy12gCgGNw4U-CXn8p243nfOLG30I-SUOln02aNg3qkOUVOO5mVwcUswA2ED6uEbT4XuW6gx9GPh3-I1RsnAkCEQHi4rE4aUIS2fzVSUaEZKOQII5McWW_I9DRQCag6a88Qwwcx-LgkgwTPdtyT05tPrdAnWYDMLWlEOTwyoBXBP05_mfIllbfceimhJIbnHJ-fpTcrYhvXtYIhAoGausDpXULiWMO_7etmLn_vhHRbgJ6iZEbSQRZfKLUFxHhA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F0C4 0
0 75ms
75ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=573928386794852&bg=!IiGlIW7NAAY3kmNgF5I7ADQBe5WfOJS9_8-59_u4uiVkb9mc2dKPWMTqpYmiYMsUjwnLERga9rxmMgEKJlG38QZxBRFDAgAAAENSAAAAA2gBB5kDDT63k82OelOzTI01MJ_eDxucp-ptGv8CnSTR5ZYBmXAWBR_tAqjpRHeJg22Fh5Pn9pJjVC1Un4Rinwi93u4XsC1mR_PeJDpp2Y0Yvct2Wc0bbBiPXG0NRCOsDBOLO66mD_ZROoLXlTKClgUA9OwvtfdYDbrbOzaEbH0kRsipkusUgMe_NiRy0T8HjAqweGz_fllfl1VpRFTReX6oEDIpSJ3dB-9N4jWWly6MYdkmzxlqfIfB2L0Eo86g-BgIbH-9x0YRHQbbXVkYhKGKn2LT7ogx0i30cimBrgmJkS2H85h1nVli7lygc35CoHzO5L7NCU7Vmkw-oCCyYUNhiWEh3VQVfT0sT82Ol6IHjUZLxmRcqSSQmwTUwhMuPAGkPc6q2oMlg1OUiyqNIVG5kal7kby-nWQRP8sHFfNC7qVeP2dvsBZ1pMYommlCNY69_B_yFX576FiKdEJl_pRD1hegYlcX9ylRTic55lSNv3TrkJoiTJziXhxoWVWETsWhqfT0ssDjycM7z8xlnYVW1B7Z0xSBykzrYNXO8rHducJD0MiH210dnoPpomAnz838jlNMilppzLjV_5LHlwS4DjWxdb9vnlPhxaPcBwIVLESkRWT2Wj8I_Qa0llxg6S5Gfaf32GUoJx3h23mnRxQkEDPv17NNnc4tgm9tk06OuJ0919H-oddWcyoYdghfnI8HG9LR5ju13_ATFz1WN0uevKseJOrlC-Q1HjpG2wAFnr7zRAklKURoJIrZNu8x6cJPEK-nYGLix_utVsVYBnVJreQRJDSAByQg_u0vpqB95t87NIDynGDEL799hTQJEUTlGxTNrEvVS5apR3ebgiFyikqZj4gyPVhZf-O8z9CwtnAgQi8IK6VuzRzMPP13zaQbkOoKbl38w1jlwXySmMLY8_h45gpjFfT6BVtNh9J_Y5yKNz1kbK06yiZyxpGbu8q8JiVP2XYwtdgocfB_YqVsRNZSTgcBYJFErMETamx8apX5_fZvx6beuZkIu5VfWNpyVY6-F9_TVZ3VTt6J5FjAQm8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 869A 0
0 76ms
76ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=3811779048352786&bg=!7O-l76DNAAY3kmNgF5I7ADQBe5WfOJyR20JWrDhuEX45uvdA8EXwIMOqdStFRFt39XngWnVvkzjmkOZoS40jXBgif6grAgAAAD9SAAAAAmgBBwoAJJ6OAMa-kvi7zOAXc2drwuXbHfnyGfcPxCE7s9rCxVPbvtNRWJkDApz2UMYmrfv5Vv1VEH91AjpInu7UWarse6j8y-9X1z9orni1_ouA5r25kRNsshRhRyR1IcWVmk3q89NEh-VPRStAaqZBuNhS5bB1Q5fHGZxOOrLHTUvATLgPwrOV9MIxCL9Pdwa1BlaM8hlg-wbgJEbD9HICzhflvdTGIxJRALWDQ1XUoaTmMFdrGj3x7rLZl2Zpvp8abLzx5k5znNclq7COKkcZc9twWvyemq-WgboL2mO_qIT_GONCD4fencce5OM39KTw8TtWUdLQnTsolbhJJR_oVpfx-e_95JFQu4JtRAb9N7AvgdxV4rWTtan_-jKKF879R7cdy7mqcJ5p_gZ810XODKPH2YJKYXFTKSUEiEfhR2p5C_rd-88BCPhg_vBthIMurFDoS5K9oJuu5Od8JE2U9IzWziKWA_5InmlCNmJl3dGqvcJoATHyh9ljLKDSWtBofvW0I9SSOeckc8CTo5Xh9n9e8jKBMo-GIwYYnVYt_PJL2KBzgwyh-QNyFe4OEWo51BBNer2PVmgxRVLHnrb7u-iGe474Xx2jGH3-9w-4PUFhh2q_ORU6YWndmU8U-Ya7zNnMbr8s9z8SPpSDcDHbffXI7tk5OyZZkkddL_NGvTsJGQfI85kbtWfZhw5S6BVggUez6hayQLzSWWKVIH2Vnl0vSqpyDcUlw9MYmRjVdeBijHjdCqiYSAzIvNgMVg-bln2m3UZ3ISck0LcLdjOrUvcKW3_egrgUXQYwElkKoNCpfk8skadgRr1cAoYI8pQaMDTqpxQabYaWvHP_4e9DIZVxd3GhFEgHWf7Ds7cP_kLBZkakUnNOynJRvnliZzJdL9YVMy9iEy9JHwWkwT2CLaoNhrBGSpCnaY8iTiTuh3XBqxscDZR-CL5-3YbsfwliiGtd5DpnXozJMnYQYjha29214fv5-XNsL8TT53uYN95qUm07XzsjPe2yITOe4KvMcEMUaGH8NzXfJB8bi4I252tDEaZBUu0jVqG1iUDWp0TKIM2UZebAxnB6Z-5e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 9287 16 B
209 B 95ms
95ms Fetch
application/json 3.10.29.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-29-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 02 Dec 2023 23:19:05 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 206ms
47ms Preflight 3.10.29.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sat, 02 Dec 2023 23:19:05 GMT
server: nginx

GET
H2 200 busibuyunbusibuxingriyu-huzhongqingwen.jpg
static-a.xgcartoon.com/coverw/ 647 KB
648 KB 804ms
804ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/busibuyunbusibuxingriyu-huzhongqingwen.jpg?w=780&h=376&q=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c29d9d7d70e09ecfe8c51e3c07be9bdd998fb54bb06dcea093925795aa88bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 23:19:06 GMT
cf-cache-status: HIT
last-modified: Sun, 08 Oct 2023 09:10:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "29FDCD97573C8AECC3F9FDC25BEB2256"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELnzaaUPL7RgNF%2Fa9rRZmsuJ77%2FpU3CzblEz6ZQHweoGGCGwJQSDhvJ9ICilF3zCxIcDS3chzRn3ZwU0yyZxelphXKiNqkTs0tN54SqBBcZriCnaiJLmtBuOrQxZ3Ns%2FfAl5RFe%2FPfsPJfJGnye32Brkq9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 82f74af728e93609-FRA
content-length: 662475
expires: Tue, 05 Dec 2023 08:09:18 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 17:22:31	Name: userId Value: do5fshpueuGLztfEn0WkwlooKGMFNE9Q
.statcounter.com/	1970-01-21 02:15:19	Name: is_unique Value: sc12916097.1701559140.0
.statcounter.com/	1970-01-21 02:15:19	Name: is_visitor_unique Value: 1701559140984606219
.xgcartoon.com/	1970-01-21 01:24:55	Name: _ga Value: amp-03o1Ht6od9_EwHhQPq89Sw
.doubleclick.net/	1970-01-21 02:00:55	Name: IDE Value: AHWqTUkamRTaPzo-9cAT6Lbh4ET18szoNNlVUZtrOgcwZHD3OdaUq9LrLYOoy16ETmw
.doubleclick.net/	1970-01-20 16:39:20	Name: test_cookie Value: CheckForPermission
.googleadservices.com/	1970-01-20 18:48:55	Name: ar_debug Value: 1
.quantserve.com/	1970-01-20 18:48:55	Name: d Value: EHoBCQHIKoEA
.quantserve.com/	1970-01-21 02:09:33	Name: mc Value: 656bbb67-d42c7-beb64-06cc4
.adnxs.com/	1970-01-20 18:48:55	Name: uuid2 Value: 8381696792471505084
.simpli.fi/	1970-01-21 01:26:21	Name: suid Value: 780082ABA7BE482B96A7F0832E9EE014
.casalemedia.com/	1970-01-21 01:24:55	Name: CMID Value: ZWu7Zxts9LHPbwHFX0MzKgAA
.casalemedia.com/	1970-01-20 18:48:55	Name: CMPS Value: 3173
.casalemedia.com/	1970-01-20 18:48:55	Name: CMPRO Value: 3173
.ctnsnet.com/	1970-01-21 01:24:55	Name: gid_CAESEClhvID20XmmpbKxIChl9OI Value: 1
.adform.net/	1970-01-20 17:23:57	Name: C Value: 1
.adform.net/	1970-01-20 18:05:43	Name: uid Value: 1847877125901882050
.1rx.io/	1970-01-21 01:24:55	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f6eb8de4-9b5e-4ae2-83f6-4bf6603d075a-003%22%7D
.everesttech.net/	1970-01-21 01:24:55	Name: everest_g_v2 Value: g_surferid~ZWu7ZwAEDpk6eQBU
.targeting.unrulymedia.com/	1970-01-21 01:24:55	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f6eb8de4-9b5e-4ae2-83f6-4bf6603d075a-003%22%7D
.ctnsnet.com/	1970-01-21 01:24:55	Name: cid Value: 60f4b82f4f694055b318733c7989bf0c
.turn.com/	1970-01-20 20:58:31	Name: uid Value: 3536934429172942448
.w55c.net/	1970-01-21 02:10:59	Name: wfivefivec Value: IUjlY3gb1R9zgk5
.tribalfusion.com/	1970-01-20 18:48:55	Name: ANON_ID Value: aGnt6ZaoNIvapmVrCI2OCaLjgZdb833gTsi9FXTPPWQRT9jo6UivWqv1NuIYWHyv5ue47Ka7cRMOKmBfYT0DfGs9fWyP3C
.w55c.net/	1970-01-20 17:22:31	Name: matchgoogle Value: 5
.awin1.com/	1970-01-20 16:43:38	Name: awpv11354 Value: 412871\|1701559144\|2f34d810-9169-11ee-ba35-226154e726d7
.doubleclick.net/	1970-01-20 20:58:31	Name: APC Value: AfxxVi6YfPMr-6QshYmr9CgqIJP4B7Fuovmx8GDvXDxzS6uGtgw6WA
www.conrad.de/	1970-01-20 16:43:38	Name: CEAffHA Value: YD
www.conrad.de/	1970-01-20 16:43:38	Name: HTLP_timestamp Value: 1701559144626
.www.conrad.de/	1970-01-20 16:39:20	Name: __cf_bm Value: tU4ScuAtpFnQshFrMbNRrcUn9G0ds0rRfHUVCduvaAM-1701559144-0-AYUIN1YO2QvhgOVWeG0sPmPGK6qc4rL+eDEMxlMKNwvXHyH0AEbmuYx4fjs9XeNAUzX2hIMfUVM5b4Soy2RbrDo=
.awin1.com/	1970-01-20 16:42:11	Name: awpv14702 Value: 412871\|1701559144\|2f4d9030-9169-11ee-825d-22629e669530
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: dxqjz0kbgowouswtexwdi5iz
pb.media01.eu/	1970-01-21 02:15:19	Name: DTU Value: DC0C16358C579083FD9F09A19194201A
.awin1.com/	1970-01-20 16:42:11	Name: awpv20044 Value: 412871\|1701559144\|2f4d6921-9169-11ee-a3ae-223050cf75aa
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
.o2online.de/	1970-01-20 16:49:23	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 16:49:23	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTcwMTU1OTE0NHZsZWExZGUyMDIzMTIwMzAwMTkwNDkwOTg0OTkxMDc3WDExNzcwM1YxMjI2MTMyNzAyTVN2aWV3b25laWRyMkdjUWY5ZjM3ZzFIQUg3SGp0cXRCQktDWVM4VEt4ZGgxcG9uZWlkX19zdWl0ZV9OZXRtaXhfUmVhY2gwMl9TU1BfQ09OVFJPTF9BRFgxMTc3MDM
.o2online.de/	1970-01-20 16:49:23	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023120300190490984991077X117703V1226132702MSviewoneidr2GcQf9f37g1HAH7HjtqtBBKCYS8TKxdh1poneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&wfid=117703&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTcwMTU1OTE0NHZsZWExZGUyMDIzMTIwMzAwMTkwNDkwOTg0OTkxMDc3WDExNzcwM1YxMjI2MTMyNzAyT

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2cb66f83a4a9068c5b708a4311f31077.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
c.statcounter.com
c1.adform.net
cdn.ampproject.org
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dis.criteo.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
ius.ctnsnet.com
match.360yield.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.o2online.de
pb.media01.eu
pm.w55c.net
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-a.xgcartoon.com
static-de.ad4mat.net
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
www.awin1.com
www.conrad.de
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
www.xgcartoon.com
104.18.36.155
104.20.218.77
13.224.132.52
142.250.185.194
142.250.185.66
142.250.186.166
145.239.193.130
151.101.130.49
167.233.13.224
169.150.222.217
178.250.1.9
18.66.27.17
185.86.138.152
198.47.127.19
2.16.97.41
2001:4860:4802:32::36
23.56.205.163
2600:1901:0:76b9::
2600:9000:211a:4800:1b:5138:8a40:93a1
2606:4700:20::681a:2f3
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700::6810:c0cb
2606:4700::6812:18ad
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:800::200e
2a00:1450:4001:801::2001
2a00:1450:4001:803::2004
2a00:1450:4001:808::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a02:fa8:8806:20::2010
3.10.29.13
3.11.198.160
3.121.34.204
35.186.193.173
35.186.253.211
35.204.158.49
35.71.131.137
37.157.5.133
37.252.173.215
46.228.164.11
46.228.174.117
51.89.9.254
54.76.156.92
84.200.5.215
88.198.250.30
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
046b0a10ca2bb0fe0efd630ceba60b517cbd15b7a1ecc9b071c2cb9fd881acb4
069c783d4fca7be9b800a0ba42e5a3424d7845eb95fb517c099b51e9a15aaed8
06c08a7cdf90dd1c79cc48740e89336f20fecf6938d3cc254de7f6c7f3dda7f6
07e11b51a4c4ba2fae6be06bf00072a50ed779459ad456e0fddde442ca5f4bb5
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b0767ecfaa816e049866faed0ccff201701c6fe037ca84913a6ac418cbb4ab1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1787e4ddda5f99fd058f8f0cb4a8a87329111c9d3b0210c6e2b12c6889d472
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0d686f2ab1157df64803644aceb025dda3e21438ee6167951feb732b82c163c5
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0dc4eae4be6a462c97268c1238442d36dd78708a5b3ed989a4943b185854c465
0dc8d4c8057500621917b3d88c33f534d917b03234c4716c04ca483e3dfdd69c
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10e358711eab7bbdacde3e4d3eb925d04438f07358f0dad5d22a8818fc9771c7
1292e867f3e50b17e289a1caf977612eee274048a01f0ce69e00d64e6ab9f546
13e6a7a86b66aec6cc0cf1441a042fa7beaedbab5dc996b0341301518a1f55af
14c55deaf7ebe64eb047f2deeff0f12615193ff170e0693bebd2b51991751bf0
1550cde0e7d219960e9cb08513b187557f36f8492494b8aa84722533baa675c4
168876f723f2006f28e1e0b373136d34111e389719e20f99b3f2e5ef83dd5b5b
17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e
1917b964380fc9d01d1e73a79c4d7cd4c0e9ae2a34ae63ddbcd65cea655e9a06
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1b96a74ef0cb12738ab70fba6392b32a09edba598e1f28cc55d5213d5ec1ef80
1c4e10957066ca2ed15bd83d72a98619b6491a6c0852289b5d0f1798b5a45a5e
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1ce64723f400800084733cca3c44b432a1e33fe5df837915a477dab99dea9152
1fa1f27152e0d87361b0db046cae89137d3f1be8c804a2b77885e2c2ca1c8425
20bd92c1a6ef92eb120d689481093aa64dc6121a5b610f44ee047cca4d2fa43f
25d71f28c86f0cb0fce5270aad334c29e34f639cbc26f3a669ef1f7b48fd15de
2661dcb6bfa9b71c39c54788bde5ea88003db9f7384c04e66d6f7926fdba8894
289f9ccf132c68bc46deb5dc95679ebb4bf1c7ed257523524aa8f9d0a332b4d5
28ef4eb615bd705c9a2e61a26253f0b1d6f9847611c5831a22f6a02e214f1ec1
2a70aad1891dd495794f63739962949a29063d70c502665f36923ccfac30d676
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2ae34df2f34c71a859303579488adbc712670934b93f40fa108b9b9247e3be14
2baf3b308e2c655d9c31a96a801c4a8c5fe7571b73236f5e276c97db8e4dbbcd
2bbaf17c8c30beabbf374bf96ec02a7aa68cf828859bd571b4cad450531a5471
2d8689ae269fb24a86254326a03a67b6e48e62356a6f087399890292fb7013a2
2dcc85e074327b712d3de9ef86b69b6ac677b320c439ad8187103aa08947f82a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e944cb821379d14043028244b6d377895525bd899326c5229dbb7efa1c11481
2ead55e5b5d6daaf000e369206ee0dde082ee6cc18236705f1d2f878bd82af0d
2f41cdc29fad9db0b0ff1c365d9cee36da396346538b001d566a66f261be39df
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326db4ba0a99427d55bb9b9c42decc77d1d07a925a3c0bede1ad8e1f511c82f3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3523fe0bfc26b6aea6ba24d933045d533972c56d98371a9ad2f952afa3af4465
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3baf2f6bc02db701e4cc7cd6d27070e7f40fe18e4e2af560e0f1f8adcee9d2e4
3bcb9deaed0b791befab08d76d2b459954895888a1c4bbe15d7d0ece5c5405d2
3d9b0e771bf0255ccf5583a85b215c674e866614409b9c5f10c0e8264d1687b1
3fefd09345b668fc2c8be2e1dac0e5fdad0e037db84b07962c0ef5ddb6c804b8
41060dd159c926287487f50a2d8e583c8c72e6121d1f5ffdc626dc6cf6bf4efa
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7
44d3841af6833efbffb0cffba7ad72c14c7e398d2ad9a600bff96f888dde894d
45941cddb32c44e5eff43b00a2f5ead40b9d0e6323ae161a40c426bc8c500f71
45aff63862b7a85a48741e816ce3b9fdc7e2ea725e1f5989ceb47f502381a4d2
468332897a7829a14ba616d3a5a65fce36ded1fb0b141e7a823139c3eb4d407a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d7354155ae38862dcff25e08d43c0ca18b2e719f64f2788484b867a360bd90
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a59fe09536585382f18253eb140f8afa5b757c57875b85338a0d424f9bbf521
4b7a2f2750bdf4d04e198e8fa34175b5ecdb0cd76f9ef6f848692202a212f274
4d7e3dba795cc58a5bedbef6783f9e5151f51447f01b9e85e54bd16fb762cc15
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1b215c343b9807e0c23892cbafe8dcd798ee9703fc7bc0f8138c281cda2211
4e954813012e1c331127bedda4c895b6f95413719025ea76e0bf50d69eb7a83d
505587c1162ef2d4af495312c860628d42fdd2b3f5536834468b6c7ed186f070
50b6aae2885372069c5110eda8288935631fbb0c83bb9df68343e2f6317ce8ec
521f6fc33d7ede7524e5263c613a5db8df62c4a73a16a8147fdb385a88ec5350
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54eda68a8d6e9cf6039971639882c4b78f652fd47545a11a66bffc39df959e40
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
592eeef01cf487643966daabb34296ed16931963aa1c3e2de4f817934958bba1
5af2b3c44d498d4ca737d2fbc0acdc882fc81ec81afc4c1b7d8548f9b52f64a2
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5ed841005c6fd7c9bd183a289bb9e7bc9c7a85e90d370bfb9eb42f440b7ede73
5f56d73323fb89dcf3512e4109510602cf73e7166d0071bbab3bd0b4a68f46a6
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5f6b626d7aea971ac58c2b27b2493ae310be28a21486ade869f5f64f1569106b
600d54e614ecc2e8c06f0cb077d8973485f4abd2eb0b7e62815b1b173eeaedbb
60e5a59bd06924e897f3f8170823db5fa4919204438357172aa470e442232aeb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628c59f981225e7474edcf942e8ee8cccb89278b83750e4c8006aa75d7f9dc52
66905b54cbcb4aad6d4ce03dba4a018cd9886cd6b92e3213fcb359f0dcb1ff3a
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6fd18ac3832da24efa8c6773ce9364db6b8f2098752e92ab07a2183be16b23ec
704717b850344b943d6d4848ea23561feb990e21449a0a193e255c170ed2a201
71a8600692e23209ff0ec17ad711155429394864c88f50066140bc9ddf58a9d1
72e0e53345dad9730c52f80ac573b1103553bf860bdb97e682d214825211d766
753107f53fa7b6669aea9980a59cbbe59f0d21ded66bd2dabe9ddbc24ddcb2b6
76359bd8d7f248adbd361c7b282274d546e6d99a193b2daf30b3d41129f9eb5d
77e95fa1e948cfd2fb74c5881103cc59bb4f5bbda758baa745d1743b84f565f6
78c10bbe3c0f2a94ec98de44c61b6897f46e3fe6a0b26bb856dea23d072d45b6
7a5e8e47f8c822a6b6949d92a6ae8666a793ba1f1a208f19b9cc696d560852cc
7a9476ddc842ed2592539716ef20aa025c571793b66f9c23ac206d11aa52e76f
7a9b1eb15c0ab4bd7c37458f34ecce3d1fafc4c7837bc8d406af18cf1a6ce2f8
7abe4ef543f967bd6fbc94fc40b81fd8a19428d105ba4d20d6f31783e81f74b7
7b853f904253eea1ee9d2ffca23881402056d2246200698f0c0942d1fba82ec3
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7ea7fca64b1f5e4f08b3a996a528b5cb1d3305956dec7502ee9c4f59f1c8762e
7f869ae348d57e23d9f35232f1a38322b607466533bdf10ece58954a36eab8fa
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
82046094f443153b7d2d788d2aaa76821d8c35c683398ee42ea4d2c0616ac327
825c379a082d78fd191f1bfc563c9d02359c8789bc4af89437d50b82c8b2f901
82b91c403bb4593185c877340c69d6b279f57903e9ebeffac57536b748058d5e
843b750d76e003270f4ecdb08283c6d52aa9c663cb0c122ad3bd617bb2193ba4
847677e364f632a14b284e72e3b92d136e77486f4efccb0e81aa6d62432994cf
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
89f365a523630bea5ea3533ec5c06b7db2297d14ccf662fe90aeba69d9ac3158
8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883
8cd40bdbb0e4055036c8a17a5e3bf90b3824676e4eb49bb143b1ca9f68b1c892
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e51eff2e288772db84286a39878efdf29318f5c5ebed1d11a80db41416ecdae
919a7152c65d04e9d4d72c136870a8917ac248ad064e6ac0b11794954c70a66c
92da4c99061d1ea0e284c70e3c6c7770639340e5014178ef76590eca3e1b8d10
9490f2bb8d22cf23953bd1cc028e6405f228e7918b18aa914fa8f56ba9db0087
94b0aa179f9950baa8375f953ee4a03b1606d0945ff3159dafa2c8bdcbb2d59f
97d695e62a2f6236c29b6140648edf58d03a448cf69444431114dfcb8db866b8
98f34f9e068e359978b77bfc2651e28b7a57f0e2e8cafce8f8e05a85eeaa8bc4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c29d9d7d70e09ecfe8c51e3c07be9bdd998fb54bb06dcea093925795aa88bcd
9cf8320abe90f0b566bbb7997c1d5269403a16be82145d4935efd96c369878f7
9ef4d8e305ba6d28a0b9efb307e16112274ace9cbc43c0a760913eb9a0881c30
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a343a1840f00a5db5891891069d57a2af26f4c1b80be9098252cadcca0b4e6bb
a6896ba54c1af3274a4d5a84945c83892c985c2b417e82465c331a24dbb9afc3
a97d3325c01891167615327fef9cd173ac264f69bf526c15af006ad27f99eaf5
abded813102ed02d99802cab90f1bb9c5dc6c7b1267a341ce1403f9681a43654
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad8677457876f632db38d31886a4f65dfeb50037c421ed20a9918fe60293585c
ae76bf0f1303ef22d7c91394fb6ee412d36cbb49161c26c924f5cf158a0205d6
b2c2368e440642e17d8af1833b2fe8110b601807842cfd1242ab76fb65a3d21c
b3be69c4d77cd568b0c2d360918d62e86b33abfe1b08a2bb2c6993235a67d264
b497840fdc78d638af40eccc2c9fd9006670503964b7b8d7d84c5f8062ef25d4
b4e613d1375828a089c50e38cae1fff46d0a2c015f25437c89e4d3ff90e2c102
b5efba1b07d5911e5ad0645bce66c621a9799eedf5d917d07491d5cddacfc9d7
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b7a1f2d2b3af5842dc4b63539230c2fdfef285afd76c1304d327daa0b51cd575
b7fef66cdf3503c933ce00ef00b584844bfe2431675ee20d96b577c50f33c2d8
b94afceb7079c53d412cd1f3039baec8f3929127d5df60a62e53b5c30c6daf6a
b960232209a48625cdde26c939de1bcfcbe82d31a7ee6960addfb3ecb34897f6
bba58c1b453f7229202a9de09db87f09e5d2061d93e5b07c9c2d6534f571fe71
beb41f5f31d4b2911ad91b5b7b05131f006837a6c2bba64dc0659266107431f3
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c47d3627bd81682d8314d37d4e5f1f025ac1cb3be92bfff56bdc214791576555
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c59cff9a64bddf2deaea3effeb952babb3a012d05e7b1d3ecde5212f7c17b9a7
c68d446f318242cb483c1404fb248a100ef152a579492b23752b4427954a096a
c6f5f1406b1e5c95bed5f838345f7e04d61eecce91c072c443ec02db1e521268
c790e8ac5de15593730a9c3091693cf5fa6c8553ae038684ea8b615bde06a96c
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca95cc065d6e6ad82de4f20aae8f26efa4b34a4805c550a97e466b39e4ed34e3
cbb41d948989c5c65e69966c145618e2db14c247ba6b92a6bb7bc62eb29ad634
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d42553a5c5c21454807af7cec2bc459c0dcb08728f1175db01d196b2bdfc8bf0
d7d5b6fa606e1729869a8da6f30632979b1dba09e5cd3d5cfcc295bf3ee405c3
d825f39281584355ff730de12a756c27c13b757b1ea7fec94e3a78a0cbd1472a
da417a381f467258e65108a61a8186a38491a510eead850b78024891a68b779e
dc4fb96d0938f6229193dbc764d0937314f28f6d7df9e114eb53372a81887c66
dcc87fc1e98a3e6eb506bbc59f6502b5ad8f434941bc1b7e9ab0dc6b2bbd7f82
e0471f27843ee42d45cf9b749a57ec4bbc26dd40f961989ed7cfe4e0f24ea6fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bb5c4c7e8374c09a71c311ceb84321f80ad0d6b811873af0e4dedf3e7c07e7
e51caf5c4f4e84fbdb340685b602bea060d4d87fab53f01f6a6f7ccb80cc489e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
e93a50b8330760b424485c8041922962a2bb82a9a97db683c186d114a434dd0b
e9c699e493c5843b90687dff18defbac291c039548e7a93a05faa3ee975de382
ecad017aa512feedf86b2798998865ff2bddef1dd14dcc721a8087eeec379a5b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f089f23d41f2b728fdfa5a8ada3628247b320a341de7fb84a6a30e64d9c2af4f
f141c6bafd6bd1a09ddc11737252ad4a2829b03d1eb05305c8749c87ea11ab19
f33a2f5f25c391fc75150a3034ebd6ac072945f97ecb572df2ba5ace685c023f
f4620eb8558321711185c5cf37ba11012a3d67617ab55060ce2ab0c7ebb1a5dc
f56b85ba4801d4d46745fc28d6e4df93c75a765335d069ddd081be7dbff6698b
f58a14106e5a98c3911fcb15d18e78a1c96c388ad010b3116dc543394f5e994b
f59a24724025aaa808fdcb5db803d2127feba310c2acf9acb0e5365b9a2b8809
f6e1cc877a10a8eb6972d29ff997fcba4280ce42b896f3909cd932ba02fd5bfb
f9482ef22ac0ff1fe12c7df21d2142a15aa40b0b58b746887ed7357324f26d9c
fa38202328d0bb7b258008fe81806fb43a51f270997326fe03c19724868bdf3c
fa3ecba51fcbe3806a57d12638c9e2760902fef8faa7bfc5b4e0214ed36848b7
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fc83786b7989b9475c1f54bbd73c681758fedbb9e0be644d604ac3dfd97f970f
fcc44c1f86ee04baf5c9f6282f887200d328a419667d1d1e5cd3a3423a057e6e
fe364619ca5af89c1517dc71bb790c4b2fc8ad68e40828b73d35c01a057f2820
ff146c82166afe0cf2e272fad7c1949b5cb6fbecffd3a5837d85a176f1759951
ff4e788fb849ce165ef44bff2cf61408a33936556fe11e5a3a5ff890ed462354

www.xgcartoon.com Open in urlscan Pro 169.150.222.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

368 Requests

93 %HTTPS

43 %IPv6

45 Domains

61 Subdomains

43 IPs

10 Countries

7539 kBTransfer

15085 kBSize

38 Cookies

1 Outgoing links

Redirected requests

368 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Screenshot
Live screenshot

Full Image

368
Requests

93 %
HTTPS

43 %
IPv6

45
Domains

61
Subdomains

43
IPs

10
Countries

7539 kB
Transfer

15085 kB
Size

38
Cookies

368 HTTP transactions
6 data transactions