urlscan.io logo urlscan.io
SecurityTrails logo

www.xgcartoon.com Open in urlscan Pro
169.150.222.217  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Submission: On December 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 9 countries across 36 domains to perform 216 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 24th 2023. Valid for: a year.
This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 169.150.222.217 60068 (CDN77 ^_^)
12 2a00:1450:400... 15169 (GOOGLE)
1 104.20.94.138 13335 (CLOUDFLAR...)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
13 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
3 2a02:2638:3::12 44788 (ASN-CRITE...)
24 2a00:1450:400... 15169 (GOOGLE)
33 2a00:1450:400... 15169 (GOOGLE)
21 2a02:2638:3::3 44788 (ASN-CRITE...)
3 178.250.1.6 44788 (ASN-CRITE...)
4 2a02:2638:3::1a 44788 (ASN-CRITE...)
4 2a02:2638:3::10 44788 (ASN-CRITE...)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:3::9 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
28 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 151.101.194.49 54113 (FASTLY)
1 15 142.250.186.34 15169 (GOOGLE)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
2 3 51.38.120.206 16276 (OVH)
2 5.135.209.100 16276 (OVH)
3 3 52.58.114.78 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.190.0.66 15169 (GOOGLE)
1 2600:9000:237... 16509 (AMAZON-02)
2 2 13.248.245.213 16509 (AMAZON-02)
2 52.58.171.137 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2600:1901:0:7... 15169 (GOOGLE)
1 1 35.204.158.49 396982 (GOOGLE-CL...)
1 178.250.1.9 44788 (ASN-CRITE...)
2 2 37.157.5.84 198622 (ADFORM)
1 91.121.248.44 16276 (OVH)
1 3 104.102.45.165 16625 (AKAMAI-AS)
2 2 142.250.181.230 15169 (GOOGLE)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 167.233.13.224 24940 (HETZNER-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.132.158.37 16509 (AMAZON-02)
1 213.239.196.120 24940 (HETZNER-AS)
1 18.66.147.52 16509 (AMAZON-02)
1 99.86.4.52 16509 (AMAZON-02)
2 13.43.189.167 16509 (AMAZON-02)
216 39
5    169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com
www.xgcartoon.com
12    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    104.20.94.138 (None, )

ASN13335 (CLOUDFLARENET, US)
c.statcounter.com
5    2606:4700:20::ac43:47bf (United States)

ASN13335 (CLOUDFLARENET, US)
static-a.xgcartoon.com
13    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
6    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
24    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
33    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
21    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
4    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
4    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
1    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
7    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
5    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
28    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
15    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
2    5.135.209.100 (France)

ASN16276 (OVH, FR)
PTR: ip100.ip-5-135-209.eu
ssbsync.smartadserver.com
3    52.58.114.78 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-114-78.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    2600:9000:237d:f200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    52.58.171.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-171-137.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu
pv.medialead.de
3    104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com
www.awin1.com
2    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
2    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    167.233.13.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
1    2606:4700::6810:c0cb (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
1    18.132.158.37 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-158-37.eu-west-2.compute.amazonaws.com
track.webgains.com
1    213.239.196.120 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213-239-196-120.clients.your-server.de
tm.simptrack.com
1    18.66.147.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-52.fra60.r.cloudfront.net
analytics.webgains.io
1    99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net
cdn.track.production.webgains.team
2    13.43.189.167 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-43-189-167.eu-west-2.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
55 googlesyndication.com
63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
795 KB
37 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
ad.doubleclick.net — Cisco Umbrella Rank: 139
127 KB
29 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
csm.eu.criteo.net — Cisco Umbrella Rank: 9625
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10143
235 KB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 25796
ad4m.at — Cisco Umbrella Rank: 11359
assets.ad4m.at — Cisco Umbrella Rank: 35458
264 KB
12 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
251 KB
10 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 9522
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16316
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16218
dis.criteo.com — Cisco Umbrella Rank: 550
117 KB
10 xgcartoon.com
www.xgcartoon.com
static-a.xgcartoon.com
374 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
515 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 24395
api.webgains.io — Cisco Umbrella Rank: 59842
19 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 13930
2 KB
3 ad4mat.net
static-de.ad4mat.net — Cisco Umbrella Rank: 192580
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563
1 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
3 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
971 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
291 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 372
958 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
1 KB
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
89 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2627
207 B
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264
5 KB
1 simptrack.com
tm.simptrack.com — Cisco Umbrella Rank: 106380
983 B
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 49821
2 KB
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 83743
1 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 104746
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 89094
435 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 88416
261 B
1 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 47317
327 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
713 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 674
238 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5555
553 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 49153
608 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
543 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
247 B
1 statcounter.com
c.statcounter.com — Cisco Umbrella Rank: 10182
469 B
216 36
Domain Requested by
25 pagead2.googlesyndication.com 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
24 tpc.googlesyndication.com 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
21 static.criteo.net ads.eu.criteo.com
15 cm.g.doubleclick.net 1 redirects googleads.g.doubleclick.net
13 securepubads.g.doubleclick.net cdn.ampproject.org
63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
www.googletagservices.com
12 assets.ad4m.at as.ad4m.at
12 cdn.ampproject.org www.xgcartoon.com
cdn.ampproject.org
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
8 www.googletagservices.com 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
googleads.g.doubleclick.net
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com cdn.ampproject.org
5 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
5 static-a.xgcartoon.com www.xgcartoon.com
5 www.xgcartoon.com www.xgcartoon.com
cdn.ampproject.org
4 imageproxy.eu.criteo.net ads.eu.criteo.com
4 csm.eu.criteo.net ads.eu.criteo.com
3 www.awin1.com 1 redirects as.ad4m.at
3 pm.w55c.net 3 redirects
3 onetag-sys.com 2 redirects googleads.g.doubleclick.net
3 cat.nl3.eu.criteo.com ads.eu.criteo.com
3 ads.eu.criteo.com 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
googleads.g.doubleclick.net
2 api.webgains.io analytics.webgains.io
2 ad.doubleclick.net 2 redirects
2 c1.adform.net 2 redirects
2 prod-rtb.ad4mat.net googleads.g.doubleclick.net
2 x.bidswitch.net googleads.g.doubleclick.net
2 eb2.3lift.com 2 redirects
2 ssbsync.smartadserver.com googleads.g.doubleclick.net
2 dsp.adfarm1.adition.com 2 redirects
2 dclk-match.dotomi.com googleads.g.doubleclick.net
2 rtb.nl3.eu.criteo.com 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
googleads.g.doubleclick.net
1 cdn.track.production.webgains.team as.ad4m.at
1 analytics.webgains.io track.webgains.com
1 tm.simptrack.com as.ad4m.at
1 track.webgains.com as.ad4m.at
1 www.conrad.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 pv.medialead.de as.ad4m.at
1 dis.criteo.com googleads.g.doubleclick.net
1 um.simpli.fi 1 redirects
1 static-de.ad4mat.net as.ad4m.at
1 s.ad.smaato.net googleads.g.doubleclick.net
1 ads.travelaudience.com 1 redirects
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 rtb.fr3.eu.criteo.com
1 region1.google-analytics.com cdn.ampproject.org
1 c.statcounter.com www.xgcartoon.com
216 53

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com
Subject Issuer Validity Valid
*.xgcartoon.com
AlphaSSL CA - SHA256 - G4		 2023-09-24 -
2024-10-25		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2025-01-03		 a year crt.sh
xgcartoon.com
GTS CA 1P5		 2023-11-16 -
2024-02-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-03 -
2024-02-28		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-08 -
2024-03-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
ad4mat.net
GTS CA 1P5		 2023-11-18 -
2024-02-16		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-11-21 -
2024-02-19		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
pv.medialead.de
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
simptrack.com
R3		 2023-10-16 -
2024-01-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.webgains.io
Amazon RSA 2048 M01		 2023-07-24 -
2024-08-22		 a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03		 2023-08-30 -
2024-09-27		 a year crt.sh

This page contains 29 frames:

Primary Page: https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Frame ID: 93B8AB51FF93538618E8645209262969
Requests: 38 HTTP requests in this frame

Frame: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: D66E2B65A0D8267068076B863BF4B5FE
Requests: 9 HTTP requests in this frame

Frame: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: ED80D070227AA6A311E5D13587D8EDF6
Requests: 8 HTTP requests in this frame

Frame: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: D3C209CAC607330C9D3FF081B00D0E76
Requests: 11 HTTP requests in this frame

Frame: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 16DC384A2525A3CAD204E4B52B276A75
Requests: 11 HTTP requests in this frame

Frame: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 4F1810EEDF4F85A4BBD090CCF34ECD7D
Requests: 12 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAEXwIK4CpTAAA5pvJ-xcPtc2ystgCzOw&u=%7CfIggBO8nGlRtljY3ku13fszvo6N29F8Y4K5iNtJtnB4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHuGKjdz1fdi8nNgSp1EOSdXdZo3cU26i5t3yx5zm_cO-f4XZplEB1ab-8jj_5Hkn0xb4fTYVVZX8uGLkAec2pSumvOk9qn0ZGbkXbhH4uJs3nSvfTg7S5-x_IgJ4FCV4l3e_IS-I1NeZSKazuqC-PN8LFWWcWf02vWauTFcugFC5jpQkB7VXJx5mwy6loAfHF-YA-lY8ZbmcZhJz7EbrVXMjS1vGDQ18-UK2-HqjRSbvKKRcoASTc5589cnJOz4jeDxmp-Qwl9a0CUt7XVBuxkbKi3_B2pF8yBFzVAY4tq1VxgyqYZiRJwrCbCbdrjuvfgfAHzRcJpdVvzqzrjcA_Ugv5_VtWtaZO4alH7p-Aj9XvjeDqD1fPTf_JmSiwYEjNXDnzTKrcRziYbmn6sq3b3fmJuD9UbHvZqztS2Kxmda29XCnDCn2Coag2Y2AAKsuLjrQ1-A-zNv5iasPPrvkwlcTs_9WETIts0ayh3EdrdUjsTmg1Pk-iKnUvxcXTxoSwiJn17JczNkhrUjp4Oj8-9J3tpnjTz853fEptwHu2rDVPHmJ0ukAQJvVWjY8umUkFA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzDZItH56ZYK-EdPUgAem84C4BMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg4NDI5NDQ3OTM5MTYzOMgBCakCVYKMewxDsj7gAgCoAwHIAwKqBKICT9D0fJ9sXmL88rUSmFPGcE7I1OPzXZ-oQJfI-V91m7g25btKQNcMXasE2d269zaFoDpaKemVODiHBbKwjWgAAm7F-Ssp1hzuquQcdYVyu_cb_bw2DdLf-l3NzrOEZhq-9VK9ujZ_augVuHQ0kOHf2hkrO8xG0fbH7TQglUgPkzX6MqNOH9OQTj33LmJRGxM6Cs5ETnjAGursD4g0YnfJ7KEam_x3ezH5FEJ8KZmkhqaEr83DC5a0mzB3tmzhXCzHaDkKO9X6_xG5hkjLvBK0H_U7qWe5L_qTy-ci0wsCpG0w2aCPEJrz2zttZpbI7sW3pd6XDoMdleT0HHxXuizXEpZpHGBBaledwrOMPJndxw_m0ciRqldt09GktlsGENS80qbgBAGABtfhwoCbzJ__a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljmlOD-hY6DA_oLAggBgAwB4g0TCJK_4P6FjoMDFVMq4AodpjkAR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_25D-TGpPUBAWR4O1xNq7jcYAtOnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 7223180694CDB44BBB345F36414E5CF2
Requests: 15 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAGnPIIEdlfAA2XP0NSAlSToEY1HqDwCg&u=%7CfIggBO8nGlQJ37pNl2zzbwyirGe4zdsZJsWe5qGKTYI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLGGpugmDfhrYDe7l1vqZ7ZIlaowj-mELrRcXMo2BMKqr5EDYfTpex6st83j_wZj-Dr8Hgmm2_J-rTfBlR-kNq_BzcYDIJyUUp4UJ7Sk_3EZ4NIbnzxOtgfmxRlx_gDDbLekMsz57Cl3JY110xdJyllOlx7VjwCeC_9E1DZhaDNc1jBV5BeDOBdnByFlr5L4ndFZ_5EhnxTp0IN-9aHCUDHaCaTaj7Nmi5IRe4avu36SpYCxr-8cQFB6mqwAErI1WLWhtlbmiir-IKHIlV2eRsNnh4LNCpHjN0slh1bD_JNgDHbXoZUMTRDF41WVbU21rb-2wUxwo5Vox1dmiEpZTb1GuAN_2LqAHZz7DkYXvSKXuuOgfis1QG-SjYM8Ro-44_5XKW2GvpyNTWeh3b_C8FgoFiYMQIse9QBrIT3zG3CDAkUnlSvK92GIsgLMkoO5KAp6jNAgsr-Orj825wr8aYliPe_59ifaatFVG6JIJT2fl2ljP_vShvqEpgpnWr2EpEi8uBufvi6cytOHSYOtQk6heYr1hfWJowbAAi25ikoWwcHajgwyb0ZKeA18gsKsAmfNSJ6Ucvwd3kDmPuDjjBAq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiNiftH56ZfK5Gt-yx_APv662gAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvGE77NEQbI-4AIAqAMByAMCqgSpAk_QA7091AyLEmNhdUDcUQpO83uPRa2qyo8cZWnZO-VagikgzKW61zKDMpwUgpgvM2Sy-YpdEAgNlanN33Zb8STXXI5FRndyImx9Gd1Ddz8YOkl4IeutAx5V7VEs2h4OCwhTRTzR-Oy16Sc7mr48ctzuuMQOoahuGYyIkg7QXomAoGwz8xaidWuN_bylkO40R7Pnd4BRZRgEXk8X0qMtpcNH1BM8Y1Yw4prHES1SnUlXnY94jpNicmxnMS40-TEUG42d7YS1ZKRfOt_H6i771nUy_PpZycgnf_1bmnTD9Zae1k7XIyK3ZowNn2dzzwZ916qanLGH5r_vVTAxDhfo1n3f3MwdHsKcZU1qzeM-AP1fJiyWRryIK9QuvHkvYeJWYit6h2xuCrrMROAEAYAGjsPYz6rI_PswoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLuI4P6FjoMD-gsCCAGADAHiDRMIkbXg_oWOgwMVX9kRCB0_lw0Q0BUBgBcB%26num%3D1%26sig%3DAOD64_0QWQrDNEEnbCmWdYCHa3TehC1TqA%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: A0E6A63A9097094337EE96E2AD72D478
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: E1184A88FB3ADA765F730368F6CB3360
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646225&bpp=92&bdt=187&idt=311&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44798934%2C95320869%2C95320884%2C21065724&oid=2&pvsid=2436508085332411&tmod=2030218517&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9ipvc1nm3cv9&fsb=1&dtd=321
Frame ID: C4A9827025752D9D9418CC4853658ECB
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646245&bpp=122&bdt=206&idt=313&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320238%2C44798934%2C44809004%2C44809531%2C95320870%2C95320885&oid=2&pvsid=3703292431370130&tmod=1559158266&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9391vdbwsmxe&fsb=1&dtd=322
Frame ID: FCF1C1A30264E0C5683C26F54468ED7C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646260&bpp=217&bdt=217&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=319204246&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079758%2C44798934%2C95320884&oid=2&pvsid=968190693314162&tmod=249582351&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6n9021wube53&fsb=1&dtd=370
Frame ID: 661786B97AD162377C6D8802CFABFE3F
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jk5jx6jafrmkh2bsf40sp0c6vw4nwgszj12ckkxpnatxgfv7w88jpr3pt5zcaekv1z64c3rfabq3zq0qh2gtxf8405278acvtejdy6vkdtsa8nrxthrsfjjfjarypaqxtwwfbmks3c9qr4cjn8j8w562qn99ezqnkrtwjqp8z6bxz549hychams67xd0w1c5fw0sr7s2s13scpdm629vp6ry8kj39qr39064fpznysfeqwb45nj08dphzvtzwyq2es1wy90ace491a591ajmm99qse4r7esgjnjhxd1kjvymgqrxr7ym4r46fmd6g01evnqfgheemn67m9eb4s8dyf78839v0gfyj295r63tczp8yrk6qmcb6wngpzv4wjk9z1xn8hczeffq6z5tqmxbv3t5prx36h5tj4r9hxscb4bwwm29h9mwskpbtb3exs98tsty6wk&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 3EEEDE9DF27B1789D0FEEF147A5AF75B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 388CC14947E7C0B040D43BF06FA6F11C
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jhgwme0nne7nedpq6zn2w858kw9bbka32gsecjnn0h6mnvt0m7fd5h9zmn9j3qm904va6n1ny2j8vqn6s9xa2yepxh0fx4vb45pc7v6vhx2x41mrq3z3n8qs2e1v4p1q9p6mv4fx1enpwc3zwxzz0495ekpcqsymxtq1heygjqddcph9qp9jdee71kgxtdmvn3a0kdbpfn2gtwd52ajt7gaxdyws1epw0g63bmbx7cn4kcpren96kb9xpv79hk14re0nj3x29me9stzcahqpts8fm9jpys1atj9rkxe6t6qqwmyxt72f23a9c5fewkkby454vatbz6a1hzfk8wwfpz7xe02ky4611akx7a9tp7zgx41zd32dkhbjmez5c4t0wffcgag487rgnhd2f4k9n7441aeey8hrjn1yfwabyt8eeqkrjxf8j14sw023chp7vez3awrpr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4aS-tn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0wFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAZkMm3-_Aqsz8L03WAqmcQQhMsjID5QSvp_ufUdR8p6TA7ieCFQtGvWzgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3kvfMEbGzvHrrNVwyI9ZDPwm_SMA%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 052B6500430AD08FED2F838AB8587F42
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1BB618C1D92558888DB9A0D7AA21F240
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: A14BF3EB8C232E45ACC8DEEC850B72EF
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: E7489275E324D10F235CE7E1684C6B4E
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tgAIjFQIEdFEAAcf8vtYsSv0vgvxibZ9jQ&u=%7CrwJTjelPBQIcNUDik4peS8A8da4450RLAcztEip4BeI%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-ACIw9DUizGULWeZaTqmKJN44gLYxkfjQ-SLB08AH7TrwdUhbRDxlbXXSXFQUHo-B9dhtI935kEm2Wg5Tjad07e5bbayj6YcpQsM78i2ixWze-APTg6RlsS72ZTyjFOd9Hw3M_HGfQR16vIPSq7QBI-IdJgDfOR3t-nhMaaA71jZ8brx20rgO0FIuCpB884i_xe6fFpC6_RXUNN7CQl1LyCjQiboDL4FywCXqPclCxlR1QUmcX_tVNYz5gXnvWFJIGRcW7IZzttNgwrthAdwtGg3Q7mpFSsQarLpEQK0PqWwXD8QxzSzM97bJQFAsT0AjF5NlQX_AFzmWQ27nu7XuJejMj4jeoIylIYJFhKwW9CK3vBRNqIli6rBDypatbDiClP4CAaNHxd4Zcdy4XGB2njo3CFsShIGkZbUDGCS7zdRgZ-tnlR8sf8ew7Mg62-dRQrQd-rec5Ku1ZWQuI_vTBcwzCsffM7yHqLnYD7Yo4bYYYP38lXLospSoRkERgxnWftHgNPM-WnMoj8pMs3xS9H1vXFwAnVlaIVLjn32swvQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEwBetn56ZdSYIsSix_AP8r-c8AfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTRAU_QUt3AmTOtMLQUB7hSXvOsof4zB_ob6ys5oLEyNp62QVjTjtiGBJt8RyXaIaT0bugHNRngl-ZrM1lMnqMpyYMyQwg_wsqTA09KkUvoP83Qk1KpEzBJAlacNyu-YMh5mJFjGk3l4hWUMGygGlueUipMFhHxEjbZDkCkjc7nzco8ccEU_J6mxPY7qf67t4wVLCMjQqtIhUGWn5ad2eChdQ4gPcAveRAiWuuXZm0SsLcD8xQHIryPvmCRRt5PCEvvrki4FmSRH-axz_Uv-xgnBX-GgAbX4cKAm8yf_2ugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_rP0_4WOgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wZFBhOTEdPz_vpI1lECgPq9Tjnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 3C6C651FC8F132D87D5E0EE030B76018
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2A5A38E7AD1E095776E8BF01443E688B
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=89eb780e9f4defb13add9c0c09cf41bd%2F11724824113909958989&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kj104h22p04e2ztexn4qwv9jqbhprm5vh353kw8eax5hvj75z20tbchzks4w66ndkcr7gz4r6zxapb3peeydk6ts4mz53tt0n2xjs10dkbyn7s3gn95qwh52gbhp7syd607f65zecc1hs73x8eagjqmr62hj17y5jzn4c8ypjw73gy8eqe9rnctwpmf4twc0r0ncqq42p1t8e4z3gw4wqt86ysyceh0p9p2twz9tkwsxwh0azk5yvvk34c96nfxwh39qvbfsjd5sr7z3ds8h1bm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4aS-tn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0wFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAZkMm3-_Aqsz8L03WAqmcQQhMsjID5QSvp_ufUdR8p6TA7ieCFQtGvWzgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kvfMEbGzvHrrNVwyI9ZDPwm_SMA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 52A32FAA62FE17BC8BBA6F4586A76C5C
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=169080%2C22925%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=174380304e2e535eab6a96c1854705fb%2F12143061609665210595&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646990&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxx0grccjvrbg38b4ydnd6wq9ntdjx8zgqae4z6b6b6x55b7e7nyxej5z3ekgbn37njhe9tzvj342kvt2xb4mav9b2xw3r3ypz04m0pwjve3jg0309w6kgq54ah4apy8yhwepza3nszf5rn8c76ar4mw7k5qy6yw4n2wk3ckz3548c72htc18rk459e84fc007psev2q9mhstyj9xbknczm3bfty49f9yfd91jsxa0xezezyyak60aadt433dpckmrhv61hspgysbyjg0nfvk0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 1FDAD335A13267381AFDFA51CA2B67F9
Requests: 14 HTTP requests in this frame

Frame: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Frame ID: 1D3EB12CFB4595316B4657191579E106
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F09C49D060F4D5C9C07488DAC0EC810F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E6A9D0A38D0C9D89C2D46E9300EDBE21
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B5B14C79499BAA1A5B6815AA58AC0946
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B15B7CB5188C0B659BBDCA73852284A3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1AD8493615E646F810274591DA50E8A6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 853189BF8DDAC2B3DEAFA7140D2B92F3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

🍜一人之下(異人) 第3季【國語】 免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Page Statistics

216
Requests

93 %
HTTPS

46 %
IPv6

36
Domains

53
Subdomains

39
IPs

9
Countries

2713 kB
Transfer

6843 kB
Size

30
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 117
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIe9msHnzRLJnZoUgTys2BE&google_cver=1&google_push=AXcoOmQ7WSymfRHKXgqWEXV5vVWhYn7i9PselDrd-O55EbV00hA0gmLOEWMI2NDWW1z4syeFGc1AJDu7BhcbBbgGE13Gv9uSHdVLEQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIe9msHnzRLJnZoUgTys2BE&google_push=AXcoOmQ7WSymfRHKXgqWEXV5vVWhYn7i9PselDrd-O55EbV00hA0gmLOEWMI2NDWW1z4syeFGc1AJDu7BhcbBbgGE13Gv9uSHdVLEQ
Request Chain 118
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENjtdNhdKoTxcw6bTOre0LI&google_cver=1&google_push=AXcoOmS1m1prhHzldPxIfL02xhiv5EjYiXEjsl1VMtWZS2LNWk_ooC_enNi2uytjfP5FgWsjyxf3SxgUIc7geAHvamoHV29NNJm_yA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS1m1prhHzldPxIfL02xhiv5EjYiXEjsl1VMtWZS2LNWk_ooC_enNi2uytjfP5FgWsjyxf3SxgUIc7geAHvamoHV29NNJm_yA&google_hm=XFQrzDilR2a06Sx8YkG5lE0
Request Chain 119
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBfWVDFENTnVpyentCxjqW8&google_cver=1&google_push=AXcoOmTh6UUbxB4FRHL__5349aemuHe8Ya3lgSOnx8Zm9DflGIxhKF-xL24MUjp1W4_-JkPScCitdqutAvI7iJoGNsGy46GcIzIUWA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMjI5NjI2NTE1Mjk4NTIzMg%3D%3D&google_push=AXcoOmTh6UUbxB4FRHL__5349aemuHe8Ya3lgSOnx8Zm9DflGIxhKF-xL24MUjp1W4_-JkPScCitdqutAvI7iJoGNsGy46GcIzIUWA
Request Chain 120
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAxBsctflEcNGgHdUB6qk9c&google_cver=1&google_push=AXcoOmSkSKjefVidyettfQOdDZJ0mnIA0Eigv4EFSTmw4wA4c2EWojbNXg_i6nGc43vO9G3tbR9mdJ9qpqUYdUCg1sbIPYtguZ9A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSkSKjefVidyettfQOdDZJ0mnIA0Eigv4EFSTmw4wA4c2EWojbNXg_i6nGc43vO9G3tbR9mdJ9qpqUYdUCg1sbIPYtguZ9A
Request Chain 122
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAxBsctflEcNGgHdUB6qk9c&google_cver=1&google_push=AXcoOmQIzfdjHeimqMaodus5GdwnmLZoaVQ2ic-2dM8xJGmTewUkkGhWBTbu6lE8CK8Z05kNIXK_84WeoDWXUNgkCOQbNr5x4OACXA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQIzfdjHeimqMaodus5GdwnmLZoaVQ2ic-2dM8xJGmTewUkkGhWBTbu6lE8CK8Z05kNIXK_84WeoDWXUNgkCOQbNr5x4OACXA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 124
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBNyvHrjLeuX9e5-D8-8NIs&google_cver=1&google_push=AXcoOmTl5lKKaEJAXKM3f7hKNHa0MBGvgI0RiSrksdjDGp1jGLHnvjdzebGlHUqfxDJJt3ABnLlpYLgxUZPC6A9j1izQapQXtqztNw HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBNyvHrjLeuX9e5-D8-8NIs&google_cver=1&google_push=AXcoOmTl5lKKaEJAXKM3f7hKNHa0MBGvgI0RiSrksdjDGp1jGLHnvjdzebGlHUqfxDJJt3ABnLlpYLgxUZPC6A9j1izQapQXtqztNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=alFCMzVNRFYxUmRDWGM1&google_gid=CAESEBNyvHrjLeuX9e5-D8-8NIs&google_cver=1&google_push=AXcoOmTl5lKKaEJAXKM3f7hKNHa0MBGvgI0RiSrksdjDGp1jGLHnvjdzebGlHUqfxDJJt3ABnLlpYLgxUZPC6A9j1izQapQXtqztNw
Request Chain 125
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEE6rtihE4j_Lk1REIZovNGM&google_cver=1&google_push=AXcoOmRJXjuPFVj3J5YSYaTkIBBUVEvZfiuqpmzvFxKOXvmcTEdrmClyeQgfbSWnrr_Fw55HPsT_v-qgpM1DDcB_aHMWNc-IdUhEUw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRJXjuPFVj3J5YSYaTkIBBUVEvZfiuqpmzvFxKOXvmcTEdrmClyeQgfbSWnrr_Fw55HPsT_v-qgpM1DDcB_aHMWNc-IdUhEUw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE6rtihE4j_Lk1REIZovNGM&google_cver=1&google_push=AXcoOmRJXjuPFVj3J5YSYaTkIBBUVEvZfiuqpmzvFxKOXvmcTEdrmClyeQgfbSWnrr_Fw55HPsT_v-qgpM1DDcB_aHMWNc-IdUhEUw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRJXjuPFVj3J5YSYaTkIBBUVEvZfiuqpmzvFxKOXvmcTEdrmClyeQgfbSWnrr_Fw55HPsT_v-qgpM1DDcB_aHMWNc-IdUhEUw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 126
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDkSfdp8M1CPeCh3vXkka3Y&google_cver=1&google_push=AXcoOmRVA0meHu6Wx0tpsIe29mH4QW1QOEj91hjolKpufRJ92tQoC4KbCziBm17WNCwgARi_tJ0IPva-6w0RUe_zlPUnYnIZNO6FMw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7u-UIWr1RwQMMSBFlzi0Ow&google_push=AXcoOmRVA0meHu6Wx0tpsIe29mH4QW1QOEj91hjolKpufRJ92tQoC4KbCziBm17WNCwgARi_tJ0IPva-6w0RUe_zlPUnYnIZNO6FMw
Request Chain 128
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED3UJ7dx1S7pl2PhdA3qaf0&google_cver=1&google_push=AXcoOmTuQDnoO2ALAgFIBRC8CgLTQ7Z23RDmieSARKLLJ-ALuC9d5n_6zbUMvJ0a1RsIuIeGZX_v70JNcqUVu9rPB8wAo9nyZI6d0Q HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTuQDnoO2ALAgFIBRC8CgLTQ7Z23RDmieSARKLLJ-ALuC9d5n_6zbUMvJ0a1RsIuIeGZX_v70JNcqUVu9rPB8wAo9nyZI6d0Q&google_gid=CAESED3UJ7dx1S7pl2PhdA3qaf0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAzNTA5OTMxNDQzNjg0MjQ4NTE3Mg%3D%3D&google_push=AXcoOmTuQDnoO2ALAgFIBRC8CgLTQ7Z23RDmieSARKLLJ-ALuC9d5n_6zbUMvJ0a1RsIuIeGZX_v70JNcqUVu9rPB8wAo9nyZI6d0Q
Request Chain 155
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBNyvHrjLeuX9e5-D8-8NIs&google_cver=1&google_push=AXcoOmQJ7-keP8kC6nj25zN0SkpQDCt7L_Vs08CYCMpOQy7aBzTIzrTySHpIYsmGjIxUhEsQ1F8nncDhRF5NlGJM424pt6LLxrs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=alFCMzVNRFYxUmRDWGM1&google_gid=CAESEBNyvHrjLeuX9e5-D8-8NIs&google_cver=1&google_push=AXcoOmQJ7-keP8kC6nj25zN0SkpQDCt7L_Vs08CYCMpOQy7aBzTIzrTySHpIYsmGjIxUhEsQ1F8nncDhRF5NlGJM424pt6LLxrs
Request Chain 156
  • https://um.simpli.fi/gp_match?google_gid=CAESEMAbIQhKXsm91NaQIfDnOQ8&google_cver=1&google_push=AXcoOmRxAjB9GdTe60zVgqlS9KeXAqhbxa7ffzbltwjzgaVj1e5B2MSTFobqW4GPaN4sDctVN2uC5KJaDc2kCMhinPF8bMuGStib HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B21D9CD3A8541FC9C830CCD27C863AE&google_push=AXcoOmRxAjB9GdTe60zVgqlS9KeXAqhbxa7ffzbltwjzgaVj1e5B2MSTFobqW4GPaN4sDctVN2uC5KJaDc2kCMhinPF8bMuGStib
Request Chain 157
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBfWVDFENTnVpyentCxjqW8&google_cver=1&google_push=AXcoOmRfW9LPqKgV6UanJ1i2ilsHRCe0J6jMzKazAM3s__O0E3CpZEhfI_oU7oIYytYsyu_OOftsLiCVfzkA9l9uP6C9828GFhgp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMjI5NjI2NTE1Mjk4NTIzMg%3D%3D&google_push=AXcoOmRfW9LPqKgV6UanJ1i2ilsHRCe0J6jMzKazAM3s__O0E3CpZEhfI_oU7oIYytYsyu_OOftsLiCVfzkA9l9uP6C9828GFhgp
Request Chain 160
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPxKfjgB3rds919mUTZyRbY&google_cver=1&google_push=AXcoOmTq4PfjV23A-CUAVc3rkBMdRaBZY3aZMUZZboY47nyT55VV7yn4qusiAU_7kQRd51NwodHajhns05s-CCWZpqkQOuLpQI00 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPxKfjgB3rds919mUTZyRbY&google_cver=1&google_push=AXcoOmTq4PfjV23A-CUAVc3rkBMdRaBZY3aZMUZZboY47nyT55VV7yn4qusiAU_7kQRd51NwodHajhns05s-CCWZpqkQOuLpQI00 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjczODIwNjU5MzMxNjMyOTE5Mg&google_push=AXcoOmTq4PfjV23A-CUAVc3rkBMdRaBZY3aZMUZZboY47nyT55VV7yn4qusiAU_7kQRd51NwodHajhns05s-CCWZpqkQOuLpQI00
Request Chain 183
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CImPlYCGjoMDFRKK3godvdAMiA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023121405040791288303299X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023121405040791288303299X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Request Chain 186
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1702526647_d3b62d60-9a35-11ee-b1a8-22396ad6a5ca&insert=AW&&gdpr=0&gdpr_consent=

216 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request yirenzhixia_di3jiguoyu-mier
www.xgcartoon.com/detail/ 		77 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9f303df1186f3dbb7abff9abfa1a39508fc4580949467c88f6f8c41235802096

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 14 Dec 2023 04:04:03 GMT
etag
"133fd-0hjepkR8F7rqrT7uEArppqxFPRM"
expires
Thu, 14 Dec 2023 04:05:03 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 14 Dec 2023 04:04:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73141
x-xss-protection
0
server
sffe
etag
"20620290c9309704"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 14 Dec 2023 04:04:03 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 14 Dec 2023 04:04:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23125
x-xss-protection
0
server
sffe
etag
"03885caa855825de"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 14 Dec 2023 04:04:03 GMT
amp-autocomplete-0.1.js
cdn.ampproject.org/v0/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 14 Dec 2023 04:04:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9459
x-xss-protection
0
server
sffe
etag
"8a483731af74fd28"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 14 Dec 2023 04:04:03 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 14 Dec 2023 04:04:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14979
x-xss-protection
0
server
sffe
etag
"5c37322451a9f07d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 14 Dec 2023 04:04:03 GMT
amp-mustache-0.2.js
cdn.ampproject.org/v0/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-mustache-0.2.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 14 Dec 2023 04:04:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15383
x-xss-protection
0
server
sffe
etag
"10ecb1b2e6eeaabe"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 14 Dec 2023 04:04:03 GMT
amp-social-share-0.1.js
cdn.ampproject.org/v0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 14 Dec 2023 04:04:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4740
x-xss-protection
0
server
sffe
etag
"e23d2a0d990fab56"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 14 Dec 2023 04:04:03 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 14 Dec 2023 04:04:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10344
x-xss-protection
0
server
sffe
etag
"710c75735c511774"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 14 Dec 2023 04:04:04 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		110 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 14 Dec 2023 04:04:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32187
x-xss-protection
0
server
sffe
etag
"f62e83b3b94bc414"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 14 Dec 2023 04:04:04 GMT
/
c.statcounter.com/12916097/0/c55d9f9f/1/ 		49 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray
83538f84de9d3a9c-FRA
content-length
49
expires
Mon, 26 Jul 1997 05:00:00 GMT
logo.png
www.xgcartoon.com/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/logo.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:04 GMT
last-modified
Sun, 28 Aug 2022 14:10:33 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"3473-182e4ca3706"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
13427
expires
Thu, 14 Dec 2023 04:07:04 GMT
yirenzhixia_di3jiguoyu-mier.jpg
static-a.xgcartoon.com/cover/ 		142 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/yirenzhixia_di3jiguoyu-mier.jpg?w=230&h=280&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb5acb4907d481646c90f76b78da6983b84009b3dd4a6fe815fc8af1c49cc40a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:05 GMT
cf-cache-status
HIT
last-modified
Sun, 28 Aug 2022 08:53:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7AE31FF8FE40A2D938FD763ED177A9AB"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NupaSO9JnN39LAQI3Rus4PQjyNRSbnK8bbzhM2Zpg5I2lzZmGhWKH1dEeQ43wmyuKpn365NPr4Rbd8t1drDOdZwoUIGVkgK9MdzoO9yJ2oAxA4vKNWQvYvwoG8K45K8e46r8mdI6NrMUROcZ5VA3Hii3CA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
83538f857da59a00-FRA
content-length
145337
expires
Sat, 16 Dec 2023 04:03:19 GMT
play.png
www.xgcartoon.com/img/ 		470 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/play.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:04 GMT
last-modified
Wed, 17 Aug 2022 11:09:20 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"1d6-182ab7e5700"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
470
expires
Thu, 14 Dec 2023 04:07:04 GMT
star.png
www.xgcartoon.com/img/ 		424 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/star.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:04 GMT
last-modified
Wed, 17 Aug 2022 11:09:12 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"1a8-182ab7e37c0"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
424
expires
Thu, 14 Dec 2023 04:07:04 GMT
yirenzhixiayiren_di5jiguoyu-mier.jpg
static-a.xgcartoon.com/cover/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/yirenzhixiayiren_di5jiguoyu-mier.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96af47cd2e46b146642a3340793a344245fd88debb06bd717aeaf1a3fbad8323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:04 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Dec 2022 07:06:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7BEE8D0F9E4B88DCC018856B87EA6F6C"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGMq4J2LfJhOXoGwu9Wykq1DpkZPfN789e97VlhUaYqP1jcrY4wtq3vCkwmkduhyOYWhn1qbM1NkocdQbG9XuIlPK94iTtl0v%2BLUVMXthiUYvHPmtI72Ub6hq74F%2F0faTKf2R13i6w6D1aSE143Mwcg3Tpc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
83538f857dac9a00-FRA
content-length
21042
expires
Sun, 17 Dec 2023 03:06:37 GMT
yirenzhixia_di2jiguoyu-mier.jpg
static-a.xgcartoon.com/cover/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/yirenzhixia_di2jiguoyu-mier.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8d9bc06ee755238aa8abfb48c4a73889d0756a24b4ef1c6b6b653acdb044321

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:04 GMT
cf-cache-status
HIT
last-modified
Sun, 28 Aug 2022 07:27:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"14B9133C741AF430124971A5238AACC9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZsX3YrpINExpJzsxfYEFgvNp9eFrpYtnsjRIDZXJE5t2ad7XKvaf5V12wUIqH40KkzPD2COKsmmHf9O1ZIAMzi9eHaiFhTBsQQB%2Fpj4kxMXiJgNhnfQdY3HyzlK%2FkBlm93P8QW6yNvHj90E2Lwmrh7zlDo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
83538f857dab9a00-FRA
content-length
81726
expires
Thu, 14 Dec 2023 13:20:12 GMT
yirenzhixia_di4jiguoyu-mier.jpg
static-a.xgcartoon.com/cover/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/yirenzhixia_di4jiguoyu-mier.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22e53e8d9a06a267f2ca232ed75e1f1fd024148b9782c70120cb4535386cc48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:05 GMT
cf-cache-status
HIT
last-modified
Sun, 28 Aug 2022 09:10:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"F5CD995CF5628196A94DC2EE7F5A9B9B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFig06AqVBcLszRHYcSzpv1h4YumZuZJEAwEg8jYL%2FwY1y1I19A0Qh5cB6HnYAJrmnmZNwN%2FtUFBFWUBCyU2jq5z7jyrWjfixdtt%2Bib60InnoBE%2BvqWjPkKIJD3PyfmnfI%2BmPyNT8WtufRqX2jR3BrI5z9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
83538f857da89a00-FRA
content-length
86075
expires
Fri, 15 Dec 2023 23:45:25 GMT
wodeyingxiongxueyuan_di2jiriyu-kuyuegengping.jpg
static-a.xgcartoon.com/cover/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/wodeyingxiongxueyuan_di2jiriyu-kuyuegengping.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f363a1fde89c86857bbfb0f8174c72983b73982404bb8785c057ed0825f0ab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:04 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Thu, 15 Sep 2022 11:00:03 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
"601935D1FDBD954D461271ADCD2E597D"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDn1s6c9k50NqQZcXo2Ye%2F8JlheukK2vpVnHOGwbyhgRjqtH9V1aIsccyQCcbqDFrh%2FEn%2B7PQiRMJ%2BPJDwL%2FzQLLxtDKQmtsrGIa96MFSG7W%2B%2Ff7Z1En%2B3G%2F2OzM6Y7veenHfTuY%2Fk9UZt%2B81OZqWPa63Y0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
83538f857daa9a00-FRA
content-length
11842
expires
Thu, 14 Dec 2023 07:10:40 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012312012346000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 17:16:01 GMT
age
125283
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"a9f93cfafa19b094"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Dec 2024 17:16:01 GMT
truncated
/ 		393 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		953 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		792 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		440 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		394 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		308 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		227 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		154 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
amp-ad-network-doubleclick-impl-0.1.js
cdn.ampproject.org/rtv/012312012346000/v0/ 		237 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/amp-ad-network-doubleclick-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 17:16:24 GMT
age
125260
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63654
x-xss-protection
0
server
sffe
etag
"7d5e78ba8c7d5e5d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Dec 2024 17:16:24 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012312012346000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 17:16:01 GMT
age
125283
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3942
x-xss-protection
0
server
sffe
etag
"4694a1430564add5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Dec 2024 17:16:01 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=1356&ga_cid=amp-_QhfgcbSfunWg0-rLyGYyw&ga_hid=1356&dt=1702526644093&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fyirenzhixia_di3jiguoyu-mier&bdt=141&dtd=4&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e024228baa837f910986763351984a16c6e8b8cc33b7432d79566c1836ec418a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14430
x-xss-protection
0
google-lineitem-id
-1
x-qqid
CILo6f6FjoMDFVMq4AodpjkARw
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-creative-id
-1
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Thu, 14 Dec 2023 04:04:04 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=801&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=1356&ga_cid=amp-_QhfgcbSfunWg0-rLyGYyw&ga_hid=1356&dt=1702526644093&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fyirenzhixia_di3jiguoyu-mier&bdt=141&dtd=5&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abe9b0cdb2e8efcac94a3a911c00c5aaf5e8444e74e12e3903f006c471f76377
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
160x600
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14417
x-xss-protection
0
google-lineitem-id
-1
x-qqid
CPLj8v6FjoMDFV_ZEQgdP5cNEA
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-creative-id
-1
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Thu, 14 Dec 2023 04:04:04 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=1356&ga_cid=amp-_QhfgcbSfunWg0-rLyGYyw&ga_hid=1356&dt=1702526644093&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fyirenzhixia_di3jiguoyu-mier&bdt=141&dtd=5&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
493f04cb4eff4a465334bf999c0e7c83e0d9325970d435777ecfe392381bc8d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
336x280
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13690
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CJet4P6FjoMDFVwoVQgdh9cGcA
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
107027455473
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Thu, 14 Dec 2023 04:04:04 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=1356&ga_cid=amp-_QhfgcbSfunWg0-rLyGYyw&ga_hid=1356&dt=1702526644093&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fyirenzhixia_di3jiguoyu-mier&bdt=141&dtd=6&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7beeb6281c286c145e96a28de7b33cd5da46186258adf13a9aa7867a49dbdd68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
google-mediationgroup-id
-2
x-creativesize
300x250
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13693
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CLHI4P6FjoMDFSEuVQgd3m4DNA
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
107027456433
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Thu, 14 Dec 2023 04:04:04 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=988&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=1356&ga_cid=amp-_QhfgcbSfunWg0-rLyGYyw&ga_hid=1356&dt=1702526644093&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fyirenzhixia_di3jiguoyu-mier&bdt=141&dtd=6&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa713ed55b9a5d73cfd2ba3ce2ee84d8e1710ee15af01919094b41b5ad02d4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
728x90
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13662
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CLG84P6FjoMDFXH7EQgdwtcGFw
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
107027455233
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Thu, 14 Dec 2023 04:04:04 GMT
container.html
63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
googleanalytics.json
cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/ 		2 KB
886 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 17:16:01 GMT
age
125284
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
0
server
sffe
etag
"e666ca0e175b1b23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Dec 2024 17:16:01 GMT
ga4.json
www.xgcartoon.com/js/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/detail/yirenzhixia_di3jiguoyu-mier
AMP-Same-Origin
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:05 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 10:49:40 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"11d8-187c255423d"
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
cache-control
max-age=180
accept-ranges
bytes
expires
Thu, 14 Dec 2023 04:07:05 GMT
collect
region1.google-analytics.com/g/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=1356&cid=amp-_QhfgcbSfunWg0-rLyGYyw&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fyirenzhixia_di3jiguoyu-mier&dr=&dt=%F0%9F%8D%9C%E4%B8%80%E4%BA%BA%E4%B9%8B%E4%B8%8B%EF%BC%88%E7%95%B0%E4%BA%BA%EF%BC%89%20%E7%AC%AC3%E5%AD%A3%E3%80%90%E5%9C%8B%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1702526645&sct=1&seg=1&_et=1000&gcs=
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xgcartoon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xgcartoon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D66E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 04:04:06 GMT
expires
Fri, 13 Dec 2024 04:04:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ED80 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 04:04:06 GMT
expires
Fri, 13 Dec 2024 04:04:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D3C2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 04:04:06 GMT
expires
Fri, 13 Dec 2024 04:04:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 16DC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 04:04:06 GMT
expires
Fri, 13 Dec 2024 04:04:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4F18 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 04:04:06 GMT
expires
Fri, 13 Dec 2024 04:04:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 7223 		144 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAEXwIK4CpTAAA5pvJ-xcPtc2ystgCzOw&u=%7CfIggBO8nGlRtljY3ku13fszvo6N29F8Y4K5iNtJtnB4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHuGKjdz1fdi8nNgSp1EOSdXdZo3cU26i5t3yx5zm_cO-f4XZplEB1ab-8jj_5Hkn0xb4fTYVVZX8uGLkAec2pSumvOk9qn0ZGbkXbhH4uJs3nSvfTg7S5-x_IgJ4FCV4l3e_IS-I1NeZSKazuqC-PN8LFWWcWf02vWauTFcugFC5jpQkB7VXJx5mwy6loAfHF-YA-lY8ZbmcZhJz7EbrVXMjS1vGDQ18-UK2-HqjRSbvKKRcoASTc5589cnJOz4jeDxmp-Qwl9a0CUt7XVBuxkbKi3_B2pF8yBFzVAY4tq1VxgyqYZiRJwrCbCbdrjuvfgfAHzRcJpdVvzqzrjcA_Ugv5_VtWtaZO4alH7p-Aj9XvjeDqD1fPTf_JmSiwYEjNXDnzTKrcRziYbmn6sq3b3fmJuD9UbHvZqztS2Kxmda29XCnDCn2Coag2Y2AAKsuLjrQ1-A-zNv5iasPPrvkwlcTs_9WETIts0ayh3EdrdUjsTmg1Pk-iKnUvxcXTxoSwiJn17JczNkhrUjp4Oj8-9J3tpnjTz853fEptwHu2rDVPHmJ0ukAQJvVWjY8umUkFA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzDZItH56ZYK-EdPUgAem84C4BMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg4NDI5NDQ3OTM5MTYzOMgBCakCVYKMewxDsj7gAgCoAwHIAwKqBKICT9D0fJ9sXmL88rUSmFPGcE7I1OPzXZ-oQJfI-V91m7g25btKQNcMXasE2d269zaFoDpaKemVODiHBbKwjWgAAm7F-Ssp1hzuquQcdYVyu_cb_bw2DdLf-l3NzrOEZhq-9VK9ujZ_augVuHQ0kOHf2hkrO8xG0fbH7TQglUgPkzX6MqNOH9OQTj33LmJRGxM6Cs5ETnjAGursD4g0YnfJ7KEam_x3ezH5FEJ8KZmkhqaEr83DC5a0mzB3tmzhXCzHaDkKO9X6_xG5hkjLvBK0H_U7qWe5L_qTy-ci0wsCpG0w2aCPEJrz2zttZpbI7sW3pd6XDoMdleT0HHxXuizXEpZpHGBBaledwrOMPJndxw_m0ciRqldt09GktlsGENS80qbgBAGABtfhwoCbzJ__a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljmlOD-hY6DA_oLAggBgAwB4g0TCJK_4P6FjoMDFVMq4AodpjkAR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_25D-TGpPUBAWR4O1xNq7jcYAtOnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f74c10edfad89a0fafff476e586dd20d4d353633265c4571abb2b107370619a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 04:04:05 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=JZlqOIB1AGItch4kA1XzND4FKyCCFJD5rC38SUS3EsA8AQY9VbaL9RN-0h3Cm4XmST7O_rXZO_QCfRDB-aGKvqrjX-NnLvAl9sLQO06NakyRsu4L_EmbWnlBZW1CwRXLz_SMc8keL7rWkzVo1kZKHs8w6-RY48RR2co6gLy-8870r2C_N4hEr-1vhdNasd8FBhzCH2d4pxmVtSZUilz50JnoLjFV8B6VKe50J2V98EciFURsZpC5beeHOL0"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
45651664
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D66E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:50:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
40405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 16:50:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D66E 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
51291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 13:49:15 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D66E 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
155156
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Dec 2024 08:58:10 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D66E 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 04:04:06 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame A0E6 		52 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAGnPIIEdlfAA2XP0NSAlSToEY1HqDwCg&u=%7CfIggBO8nGlQJ37pNl2zzbwyirGe4zdsZJsWe5qGKTYI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLGGpugmDfhrYDe7l1vqZ7ZIlaowj-mELrRcXMo2BMKqr5EDYfTpex6st83j_wZj-Dr8Hgmm2_J-rTfBlR-kNq_BzcYDIJyUUp4UJ7Sk_3EZ4NIbnzxOtgfmxRlx_gDDbLekMsz57Cl3JY110xdJyllOlx7VjwCeC_9E1DZhaDNc1jBV5BeDOBdnByFlr5L4ndFZ_5EhnxTp0IN-9aHCUDHaCaTaj7Nmi5IRe4avu36SpYCxr-8cQFB6mqwAErI1WLWhtlbmiir-IKHIlV2eRsNnh4LNCpHjN0slh1bD_JNgDHbXoZUMTRDF41WVbU21rb-2wUxwo5Vox1dmiEpZTb1GuAN_2LqAHZz7DkYXvSKXuuOgfis1QG-SjYM8Ro-44_5XKW2GvpyNTWeh3b_C8FgoFiYMQIse9QBrIT3zG3CDAkUnlSvK92GIsgLMkoO5KAp6jNAgsr-Orj825wr8aYliPe_59ifaatFVG6JIJT2fl2ljP_vShvqEpgpnWr2EpEi8uBufvi6cytOHSYOtQk6heYr1hfWJowbAAi25ikoWwcHajgwyb0ZKeA18gsKsAmfNSJ6Ucvwd3kDmPuDjjBAq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiNiftH56ZfK5Gt-yx_APv662gAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvGE77NEQbI-4AIAqAMByAMCqgSpAk_QA7091AyLEmNhdUDcUQpO83uPRa2qyo8cZWnZO-VagikgzKW61zKDMpwUgpgvM2Sy-YpdEAgNlanN33Zb8STXXI5FRndyImx9Gd1Ddz8YOkl4IeutAx5V7VEs2h4OCwhTRTzR-Oy16Sc7mr48ctzuuMQOoahuGYyIkg7QXomAoGwz8xaidWuN_bylkO40R7Pnd4BRZRgEXk8X0qMtpcNH1BM8Y1Yw4prHES1SnUlXnY94jpNicmxnMS40-TEUG42d7YS1ZKRfOt_H6i771nUy_PpZycgnf_1bmnTD9Zae1k7XIyK3ZowNn2dzzwZ916qanLGH5r_vVTAxDhfo1n3f3MwdHsKcZU1qzeM-AP1fJiyWRryIK9QuvHkvYeJWYit6h2xuCrrMROAEAYAGjsPYz6rI_PswoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLuI4P6FjoMD-gsCCAGADAHiDRMIkbXg_oWOgwMVX9kRCB0_lw0Q0BUBgBcB%26num%3D1%26sig%3DAOD64_0QWQrDNEEnbCmWdYCHa3TehC1TqA%26client%3Dca-pub-5884294479391638%26adurl%3D
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9bba29865fe8a21c63352d98a4bb54fba0d0b6dda6cacdb7fae2bbb14be19436
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 04:04:05 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=XEL3qYB1AGItch4kBnzx2S2boS0V16jZaE_Srdsf2L0bu28lGLJ4hYXPcu44WFwEHrF1Bb18bSmntZdeMRI9uvFLbXSGbTZSoWrKp_tw6FP12D9Bb3Qbo_XwnKLQV4Pa0uhVS5ZObey9j0ysxNEX43SJMH1HFX4H3pqcd1WNzVKRNFh9JhEONY0l0d_ocvtpty_1qQDqWG2CoS9-DrvBi9aEgne8GUp531l-yteq5YkRau0z5KgW7FeXok9oWjVlpsVMaw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2432875
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame ED80 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:50:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
40405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 16:50:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame ED80 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
51291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 13:49:15 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame ED80 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
155156
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Dec 2024 08:58:10 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame ED80 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 04:04:06 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D3C2 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
155156
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Dec 2024 08:58:10 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame D3C2 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94aea748a7ee24920e714e2e7f90b23d48298e7a79ae1c666308e020ab157a3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10281
x-xss-protection
0
server
cafe
etag
4475361942733572661
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 04:04:06 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D3C2 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 04:04:06 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 16DC 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
155156
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Dec 2024 08:58:10 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 16DC 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c93dd298a227decbcbc5fcc458c787f081db10425e322950458c08e0656384d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10277
x-xss-protection
0
server
cafe
etag
8188157995017847591
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 04:04:06 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 16DC 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 04:04:06 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4F18 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
155156
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Dec 2024 08:58:10 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 4F18 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94aea748a7ee24920e714e2e7f90b23d48298e7a79ae1c666308e020ab157a3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10281
x-xss-protection
0
server
cafe
etag
4475361942733572661
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 04:04:06 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4F18 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 04:04:06 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 16DC 		0
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgEOuu6ioIhX6Fz1z2KNworZn5RADucdv2EHlv8Dbv39Dwzphah90HfqziOmpin_jK9aCmY79PJCqXa7naL2zW4jsXv4pCojr2Cg40UKuvwwFmV5rluBOfN7303DQj4VZAEVaksa5tvrYQZUnS6rwWltnTOrMj4v5U-RfbFz8u9Mk7GXcXSsKqNj9T0ki3HHyjm3JzvZJ4YJhcG5y0SEeCC0qeTdRnGeEPqc8VdTCjyXfA-pPKFcxr2pCsHNBfbtibKZw8trw5bI5E6kpcUFvAGH5PZtCd-xcULT06M2qNLxwdiQR2gOT_ZhTVtcD5-4maMJZCPnCmzfGHyyr174DDMfaUHnTyW8fDmuY1N5b3FREp5ckPgswqbhvJ1Bq2Wci9b72EsyoW-aTqlMHg&sai=AMfl-YQNo5Ga7sA-CDaTjGXfoTfWgPCqgirnLh7Jcmmiv1tpRxPDdQi-83WeFZ2gi14JNVFlB8DxrG_ptDWlVDo&sig=Cg0ArKJSzOQKzzX_SBDbEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 14 Dec 2023 04:04:06 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4F18 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFeoI7g6o4DGdmlr-ZlaxE4Y0Fg2-wdNecnq5HdMndoCZQnKzVxwUZAqlSmFQI2Cqudxdkia1g4QvWgoATodUS47FiEG_-WE-hrpHV1OF69pgVGJLVP0e2NecP6iskvN6no70xUfkh3RePJEgEMwQAKj08cOKssq_Vnd9ffPlkpTcENX1ytffkFXIoFYktS8-dBQrOiCAzw1buK1LGkgV0AdUU90fkT36gvR56JVPl56MRW4tP-avOdA01WuwwiROOc9pgXepN_ovEQEud84f295uWh60W8eqcCaNUPvJ5SjunRwladNjRqVjLWhBA7MWVv5xfjN8J4aM4jqLq2JkRM6BDEkve1phgoanDdSqJAW536Nv_14o_fV7p2Nj6m6tz1MtTa_zqt0CEtD-3Tg&sai=AMfl-YQJ8TIczytmYfA-9YiZpPMDZtncg9Hg94aJ8qOVvxTCfkCrNfkPQp1w_CMTdA7sbVxN43fsuhHBNoHExUg&sig=Cg0ArKJSzD7WmbZVYj-CEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 14 Dec 2023 04:04:06 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D3C2 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIsYwaD-x0csmPObOa3sbccn6fw-8eySFjkuTQOyIoD5kRq0820cARXr3J3QCeu3xzCuIVZxWsYiKGaNIzage290QFZ1hBR8t9HEZe1C3lQHyu0yKcTHNQu4uNiEznFCx4MBEr1qu2przaavehpFuhbIOtOp2fJJE7BU3FaJxt9x3fxCajEL1ud4j_0Z-8RPJlSSTuZ0Q8QLMHibX3u8mQnTOnLD19DrPkrbZaRiPrI5tbKsh4NgHOZ3pBXrEk_uB7g3rXcnya5_aniD3Wjvo3rB5Cepfv4sLNXSYp_fZfExeIv-QYuU8SkSiy9NMXR0EVJfJ_jVSYqjM3tlZo5IhDCPuPSFuEPRotEpavSmFOv7FRCdpGx0IQOEoCQe9ccCQFic21hWvY_d13yUFN&sai=AMfl-YSIFxXKb_maaOV057dTf6kZwOVOWJyRO8bXVtSRIGDyCp1WWSlnskHDDhqTvvT1Jn8bZcgaVJNtn0fGyUo&sig=Cg0ArKJSzG4YT-0QkpNdEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 14 Dec 2023 04:04:06 GMT
truncated
/ Frame D66E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
091138efbcf304cad583ba580cd08983c9341a388532a742123c08958492a42b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame ED80 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d179f32a7b2ab66dc8df90dd8efc6afa2b2380fb311dc5a27b8a586898e54516

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame A0E6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAGnPIIEdlfAA2XP0NSAlSToEY1HqDwCg&u=%7CfIggBO8nGlQJ37pNl2zzbwyirGe4zdsZJsWe5qGKTYI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLGGpugmDfhrYDe7l1vqZ7ZIlaowj-mELrRcXMo2BMKqr5EDYfTpex6st83j_wZj-Dr8Hgmm2_J-rTfBlR-kNq_BzcYDIJyUUp4UJ7Sk_3EZ4NIbnzxOtgfmxRlx_gDDbLekMsz57Cl3JY110xdJyllOlx7VjwCeC_9E1DZhaDNc1jBV5BeDOBdnByFlr5L4ndFZ_5EhnxTp0IN-9aHCUDHaCaTaj7Nmi5IRe4avu36SpYCxr-8cQFB6mqwAErI1WLWhtlbmiir-IKHIlV2eRsNnh4LNCpHjN0slh1bD_JNgDHbXoZUMTRDF41WVbU21rb-2wUxwo5Vox1dmiEpZTb1GuAN_2LqAHZz7DkYXvSKXuuOgfis1QG-SjYM8Ro-44_5XKW2GvpyNTWeh3b_C8FgoFiYMQIse9QBrIT3zG3CDAkUnlSvK92GIsgLMkoO5KAp6jNAgsr-Orj825wr8aYliPe_59ifaatFVG6JIJT2fl2ljP_vShvqEpgpnWr2EpEi8uBufvi6cytOHSYOtQk6heYr1hfWJowbAAi25ikoWwcHajgwyb0ZKeA18gsKsAmfNSJ6Ucvwd3kDmPuDjjBAq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiNiftH56ZfK5Gt-yx_APv662gAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvGE77NEQbI-4AIAqAMByAMCqgSpAk_QA7091AyLEmNhdUDcUQpO83uPRa2qyo8cZWnZO-VagikgzKW61zKDMpwUgpgvM2Sy-YpdEAgNlanN33Zb8STXXI5FRndyImx9Gd1Ddz8YOkl4IeutAx5V7VEs2h4OCwhTRTzR-Oy16Sc7mr48ctzuuMQOoahuGYyIkg7QXomAoGwz8xaidWuN_bylkO40R7Pnd4BRZRgEXk8X0qMtpcNH1BM8Y1Yw4prHES1SnUlXnY94jpNicmxnMS40-TEUG42d7YS1ZKRfOt_H6i771nUy_PpZycgnf_1bmnTD9Zae1k7XIyK3ZowNn2dzzwZ916qanLGH5r_vVTAxDhfo1n3f3MwdHsKcZU1qzeM-AP1fJiyWRryIK9QuvHkvYeJWYit6h2xuCrrMROAEAYAGjsPYz6rI_PswoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLuI4P6FjoMD-gsCCAGADAHiDRMIkbXg_oWOgwMVX9kRCB0_lw0Q0BUBgBcB%26num%3D1%26sig%3DAOD64_0QWQrDNEEnbCmWdYCHa3TehC1TqA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:04:06 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame A0E6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAGnPIIEdlfAA2XP0NSAlSToEY1HqDwCg&u=%7CfIggBO8nGlQJ37pNl2zzbwyirGe4zdsZJsWe5qGKTYI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLGGpugmDfhrYDe7l1vqZ7ZIlaowj-mELrRcXMo2BMKqr5EDYfTpex6st83j_wZj-Dr8Hgmm2_J-rTfBlR-kNq_BzcYDIJyUUp4UJ7Sk_3EZ4NIbnzxOtgfmxRlx_gDDbLekMsz57Cl3JY110xdJyllOlx7VjwCeC_9E1DZhaDNc1jBV5BeDOBdnByFlr5L4ndFZ_5EhnxTp0IN-9aHCUDHaCaTaj7Nmi5IRe4avu36SpYCxr-8cQFB6mqwAErI1WLWhtlbmiir-IKHIlV2eRsNnh4LNCpHjN0slh1bD_JNgDHbXoZUMTRDF41WVbU21rb-2wUxwo5Vox1dmiEpZTb1GuAN_2LqAHZz7DkYXvSKXuuOgfis1QG-SjYM8Ro-44_5XKW2GvpyNTWeh3b_C8FgoFiYMQIse9QBrIT3zG3CDAkUnlSvK92GIsgLMkoO5KAp6jNAgsr-Orj825wr8aYliPe_59ifaatFVG6JIJT2fl2ljP_vShvqEpgpnWr2EpEi8uBufvi6cytOHSYOtQk6heYr1hfWJowbAAi25ikoWwcHajgwyb0ZKeA18gsKsAmfNSJ6Ucvwd3kDmPuDjjBAq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiNiftH56ZfK5Gt-yx_APv662gAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvGE77NEQbI-4AIAqAMByAMCqgSpAk_QA7091AyLEmNhdUDcUQpO83uPRa2qyo8cZWnZO-VagikgzKW61zKDMpwUgpgvM2Sy-YpdEAgNlanN33Zb8STXXI5FRndyImx9Gd1Ddz8YOkl4IeutAx5V7VEs2h4OCwhTRTzR-Oy16Sc7mr48ctzuuMQOoahuGYyIkg7QXomAoGwz8xaidWuN_bylkO40R7Pnd4BRZRgEXk8X0qMtpcNH1BM8Y1Yw4prHES1SnUlXnY94jpNicmxnMS40-TEUG42d7YS1ZKRfOt_H6i771nUy_PpZycgnf_1bmnTD9Zae1k7XIyK3ZowNn2dzzwZ916qanLGH5r_vVTAxDhfo1n3f3MwdHsKcZU1qzeM-AP1fJiyWRryIK9QuvHkvYeJWYit6h2xuCrrMROAEAYAGjsPYz6rI_PswoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLuI4P6FjoMD-gsCCAGADAHiDRMIkbXg_oWOgwMVX9kRCB0_lw0Q0BUBgBcB%26num%3D1%26sig%3DAOD64_0QWQrDNEEnbCmWdYCHa3TehC1TqA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:04:06 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A0E6 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAGnPIIEdlfAA2XP0NSAlSToEY1HqDwCg&u=%7CfIggBO8nGlQJ37pNl2zzbwyirGe4zdsZJsWe5qGKTYI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLGGpugmDfhrYDe7l1vqZ7ZIlaowj-mELrRcXMo2BMKqr5EDYfTpex6st83j_wZj-Dr8Hgmm2_J-rTfBlR-kNq_BzcYDIJyUUp4UJ7Sk_3EZ4NIbnzxOtgfmxRlx_gDDbLekMsz57Cl3JY110xdJyllOlx7VjwCeC_9E1DZhaDNc1jBV5BeDOBdnByFlr5L4ndFZ_5EhnxTp0IN-9aHCUDHaCaTaj7Nmi5IRe4avu36SpYCxr-8cQFB6mqwAErI1WLWhtlbmiir-IKHIlV2eRsNnh4LNCpHjN0slh1bD_JNgDHbXoZUMTRDF41WVbU21rb-2wUxwo5Vox1dmiEpZTb1GuAN_2LqAHZz7DkYXvSKXuuOgfis1QG-SjYM8Ro-44_5XKW2GvpyNTWeh3b_C8FgoFiYMQIse9QBrIT3zG3CDAkUnlSvK92GIsgLMkoO5KAp6jNAgsr-Orj825wr8aYliPe_59ifaatFVG6JIJT2fl2ljP_vShvqEpgpnWr2EpEi8uBufvi6cytOHSYOtQk6heYr1hfWJowbAAi25ikoWwcHajgwyb0ZKeA18gsKsAmfNSJ6Ucvwd3kDmPuDjjBAq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiNiftH56ZfK5Gt-yx_APv662gAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvGE77NEQbI-4AIAqAMByAMCqgSpAk_QA7091AyLEmNhdUDcUQpO83uPRa2qyo8cZWnZO-VagikgzKW61zKDMpwUgpgvM2Sy-YpdEAgNlanN33Zb8STXXI5FRndyImx9Gd1Ddz8YOkl4IeutAx5V7VEs2h4OCwhTRTzR-Oy16Sc7mr48ctzuuMQOoahuGYyIkg7QXomAoGwz8xaidWuN_bylkO40R7Pnd4BRZRgEXk8X0qMtpcNH1BM8Y1Yw4prHES1SnUlXnY94jpNicmxnMS40-TEUG42d7YS1ZKRfOt_H6i771nUy_PpZycgnf_1bmnTD9Zae1k7XIyK3ZowNn2dzzwZ916qanLGH5r_vVTAxDhfo1n3f3MwdHsKcZU1qzeM-AP1fJiyWRryIK9QuvHkvYeJWYit6h2xuCrrMROAEAYAGjsPYz6rI_PswoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLuI4P6FjoMD-gsCCAGADAHiDRMIkbXg_oWOgwMVX9kRCB0_lw0Q0BUBgBcB%26num%3D1%26sig%3DAOD64_0QWQrDNEEnbCmWdYCHa3TehC1TqA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 08 Dec 2024 04:04:06 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame A0E6 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAGnPIIEdlfAA2XP0NSAlSToEY1HqDwCg&u=%7CfIggBO8nGlQJ37pNl2zzbwyirGe4zdsZJsWe5qGKTYI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLGGpugmDfhrYDe7l1vqZ7ZIlaowj-mELrRcXMo2BMKqr5EDYfTpex6st83j_wZj-Dr8Hgmm2_J-rTfBlR-kNq_BzcYDIJyUUp4UJ7Sk_3EZ4NIbnzxOtgfmxRlx_gDDbLekMsz57Cl3JY110xdJyllOlx7VjwCeC_9E1DZhaDNc1jBV5BeDOBdnByFlr5L4ndFZ_5EhnxTp0IN-9aHCUDHaCaTaj7Nmi5IRe4avu36SpYCxr-8cQFB6mqwAErI1WLWhtlbmiir-IKHIlV2eRsNnh4LNCpHjN0slh1bD_JNgDHbXoZUMTRDF41WVbU21rb-2wUxwo5Vox1dmiEpZTb1GuAN_2LqAHZz7DkYXvSKXuuOgfis1QG-SjYM8Ro-44_5XKW2GvpyNTWeh3b_C8FgoFiYMQIse9QBrIT3zG3CDAkUnlSvK92GIsgLMkoO5KAp6jNAgsr-Orj825wr8aYliPe_59ifaatFVG6JIJT2fl2ljP_vShvqEpgpnWr2EpEi8uBufvi6cytOHSYOtQk6heYr1hfWJowbAAi25ikoWwcHajgwyb0ZKeA18gsKsAmfNSJ6Ucvwd3kDmPuDjjBAq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiNiftH56ZfK5Gt-yx_APv662gAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvGE77NEQbI-4AIAqAMByAMCqgSpAk_QA7091AyLEmNhdUDcUQpO83uPRa2qyo8cZWnZO-VagikgzKW61zKDMpwUgpgvM2Sy-YpdEAgNlanN33Zb8STXXI5FRndyImx9Gd1Ddz8YOkl4IeutAx5V7VEs2h4OCwhTRTzR-Oy16Sc7mr48ctzuuMQOoahuGYyIkg7QXomAoGwz8xaidWuN_bylkO40R7Pnd4BRZRgEXk8X0qMtpcNH1BM8Y1Yw4prHES1SnUlXnY94jpNicmxnMS40-TEUG42d7YS1ZKRfOt_H6i771nUy_PpZycgnf_1bmnTD9Zae1k7XIyK3ZowNn2dzzwZ916qanLGH5r_vVTAxDhfo1n3f3MwdHsKcZU1qzeM-AP1fJiyWRryIK9QuvHkvYeJWYit6h2xuCrrMROAEAYAGjsPYz6rI_PswoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLuI4P6FjoMD-gsCCAGADAHiDRMIkbXg_oWOgwMVX9kRCB0_lw0Q0BUBgBcB%26num%3D1%26sig%3DAOD64_0QWQrDNEEnbCmWdYCHa3TehC1TqA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 08 Dec 2024 04:04:06 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame A0E6 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=bJ-jLVKbcTg9qM9ramZRmXxRv_RrK-QxUWcNCyd9CmqEWV8QaoM_gGyfJwTcHMKB1Qk6mvk-3wctV0iVOdIWmJHOpzh9GRqgx9r3CDMa_Ei9llyYJHFXwe9DTEsHB4E2sCTcNM2NQjNFmc-JxEtwHT3ThP-aH6f2G7F03xHLUd5xDtDhbT9KoCpkmrNcT-yFzl1_ltaV3D1QlF0vl_z4wQVEGhITQyCkp5Ov3uCdyb08JrOmVaj0aorNmI7cr-xUtM9y7s0EFVRTIP5WxRj3Z4CW26hByHFfbvPzrIZnWkuk5JVequFq4Nv7mys_2pIwFQTRB02fJyKrwRydhyS4kgNP6GEkfZT9Sz0-un3JgaQVZBZoETsNjn_9jUkJGhaPB_4D70VGglMy8Ka5NhRovz5qM_2uNc9e5hmIas6tz-sFxNeSYBt-Wk1KLpeVknXGZoSriQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAGnPIIEdlfAA2XP0NSAlSToEY1HqDwCg&u=%7CfIggBO8nGlQJ37pNl2zzbwyirGe4zdsZJsWe5qGKTYI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLGGpugmDfhrYDe7l1vqZ7ZIlaowj-mELrRcXMo2BMKqr5EDYfTpex6st83j_wZj-Dr8Hgmm2_J-rTfBlR-kNq_BzcYDIJyUUp4UJ7Sk_3EZ4NIbnzxOtgfmxRlx_gDDbLekMsz57Cl3JY110xdJyllOlx7VjwCeC_9E1DZhaDNc1jBV5BeDOBdnByFlr5L4ndFZ_5EhnxTp0IN-9aHCUDHaCaTaj7Nmi5IRe4avu36SpYCxr-8cQFB6mqwAErI1WLWhtlbmiir-IKHIlV2eRsNnh4LNCpHjN0slh1bD_JNgDHbXoZUMTRDF41WVbU21rb-2wUxwo5Vox1dmiEpZTb1GuAN_2LqAHZz7DkYXvSKXuuOgfis1QG-SjYM8Ro-44_5XKW2GvpyNTWeh3b_C8FgoFiYMQIse9QBrIT3zG3CDAkUnlSvK92GIsgLMkoO5KAp6jNAgsr-Orj825wr8aYliPe_59ifaatFVG6JIJT2fl2ljP_vShvqEpgpnWr2EpEi8uBufvi6cytOHSYOtQk6heYr1hfWJowbAAi25ikoWwcHajgwyb0ZKeA18gsKsAmfNSJ6Ucvwd3kDmPuDjjBAq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiNiftH56ZfK5Gt-yx_APv662gAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvGE77NEQbI-4AIAqAMByAMCqgSpAk_QA7091AyLEmNhdUDcUQpO83uPRa2qyo8cZWnZO-VagikgzKW61zKDMpwUgpgvM2Sy-YpdEAgNlanN33Zb8STXXI5FRndyImx9Gd1Ddz8YOkl4IeutAx5V7VEs2h4OCwhTRTzR-Oy16Sc7mr48ctzuuMQOoahuGYyIkg7QXomAoGwz8xaidWuN_bylkO40R7Pnd4BRZRgEXk8X0qMtpcNH1BM8Y1Yw4prHES1SnUlXnY94jpNicmxnMS40-TEUG42d7YS1ZKRfOt_H6i771nUy_PpZycgnf_1bmnTD9Zae1k7XIyK3ZowNn2dzzwZ916qanLGH5r_vVTAxDhfo1n3f3MwdHsKcZU1qzeM-AP1fJiyWRryIK9QuvHkvYeJWYit6h2xuCrrMROAEAYAGjsPYz6rI_PswoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLuI4P6FjoMD-gsCCAGADAHiDRMIkbXg_oWOgwMVX9kRCB0_lw0Q0BUBgBcB%26num%3D1%26sig%3DAOD64_0QWQrDNEEnbCmWdYCHa3TehC1TqA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2100221
expires
Mon, 26 Jul 1997 05:00:00 GMT
51fc94fdc3e44c028f80ead1dc0a8358_image_ad_160x600.png
static.criteo.net/design/dt/42006/230523/ Frame A0E6 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/42006/230523/51fc94fdc3e44c028f80ead1dc0a8358_image_ad_160x600.png
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAGnPIIEdlfAA2XP0NSAlSToEY1HqDwCg&u=%7CfIggBO8nGlQJ37pNl2zzbwyirGe4zdsZJsWe5qGKTYI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLGGpugmDfhrYDe7l1vqZ7ZIlaowj-mELrRcXMo2BMKqr5EDYfTpex6st83j_wZj-Dr8Hgmm2_J-rTfBlR-kNq_BzcYDIJyUUp4UJ7Sk_3EZ4NIbnzxOtgfmxRlx_gDDbLekMsz57Cl3JY110xdJyllOlx7VjwCeC_9E1DZhaDNc1jBV5BeDOBdnByFlr5L4ndFZ_5EhnxTp0IN-9aHCUDHaCaTaj7Nmi5IRe4avu36SpYCxr-8cQFB6mqwAErI1WLWhtlbmiir-IKHIlV2eRsNnh4LNCpHjN0slh1bD_JNgDHbXoZUMTRDF41WVbU21rb-2wUxwo5Vox1dmiEpZTb1GuAN_2LqAHZz7DkYXvSKXuuOgfis1QG-SjYM8Ro-44_5XKW2GvpyNTWeh3b_C8FgoFiYMQIse9QBrIT3zG3CDAkUnlSvK92GIsgLMkoO5KAp6jNAgsr-Orj825wr8aYliPe_59ifaatFVG6JIJT2fl2ljP_vShvqEpgpnWr2EpEi8uBufvi6cytOHSYOtQk6heYr1hfWJowbAAi25ikoWwcHajgwyb0ZKeA18gsKsAmfNSJ6Ucvwd3kDmPuDjjBAq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiNiftH56ZfK5Gt-yx_APv662gAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvGE77NEQbI-4AIAqAMByAMCqgSpAk_QA7091AyLEmNhdUDcUQpO83uPRa2qyo8cZWnZO-VagikgzKW61zKDMpwUgpgvM2Sy-YpdEAgNlanN33Zb8STXXI5FRndyImx9Gd1Ddz8YOkl4IeutAx5V7VEs2h4OCwhTRTzR-Oy16Sc7mr48ctzuuMQOoahuGYyIkg7QXomAoGwz8xaidWuN_bylkO40R7Pnd4BRZRgEXk8X0qMtpcNH1BM8Y1Yw4prHES1SnUlXnY94jpNicmxnMS40-TEUG42d7YS1ZKRfOt_H6i771nUy_PpZycgnf_1bmnTD9Zae1k7XIyK3ZowNn2dzzwZ916qanLGH5r_vVTAxDhfo1n3f3MwdHsKcZU1qzeM-AP1fJiyWRryIK9QuvHkvYeJWYit6h2xuCrrMROAEAYAGjsPYz6rI_PswoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLuI4P6FjoMD-gsCCAGADAHiDRMIkbXg_oWOgwMVX9kRCB0_lw0Q0BUBgBcB%26num%3D1%26sig%3DAOD64_0QWQrDNEEnbCmWdYCHa3TehC1TqA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4d39f8a26950c324363a729e377c97eabbb3425bfa17c673e24a1e02ca355176
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 23 May 2023 13:13:23 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"646cbbf3-21d98"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
138648
expires
Sun, 08 Dec 2024 04:04:06 GMT
all
csm.eu.criteo.net/ Frame A0E6 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=XEL3qYB1AGItch4kBnzx2S2boS0V16jZaE_Srdsf2L0bu28lGLJ4hYXPcu44WFwEHrF1Bb18bSmntZdeMRI9uvFLbXSGbTZSoWrKp_tw6FP12D9Bb3Qbo_XwnKLQV4Pa0uhVS5ZObey9j0ysxNEX43SJMH1HFX4H3pqcd1WNzVKRNFh9JhEONY0l0d_ocvtpty_1qQDqWG2CoS9-DrvBi9aEgne8GUp531l-yteq5YkRau0z5KgW7FeXok9oWjVlpsVMaw&sds=2&rev=89682&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAGnPIIEdlfAA2XP0NSAlSToEY1HqDwCg&u=%7CfIggBO8nGlQJ37pNl2zzbwyirGe4zdsZJsWe5qGKTYI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLGGpugmDfhrYDe7l1vqZ7ZIlaowj-mELrRcXMo2BMKqr5EDYfTpex6st83j_wZj-Dr8Hgmm2_J-rTfBlR-kNq_BzcYDIJyUUp4UJ7Sk_3EZ4NIbnzxOtgfmxRlx_gDDbLekMsz57Cl3JY110xdJyllOlx7VjwCeC_9E1DZhaDNc1jBV5BeDOBdnByFlr5L4ndFZ_5EhnxTp0IN-9aHCUDHaCaTaj7Nmi5IRe4avu36SpYCxr-8cQFB6mqwAErI1WLWhtlbmiir-IKHIlV2eRsNnh4LNCpHjN0slh1bD_JNgDHbXoZUMTRDF41WVbU21rb-2wUxwo5Vox1dmiEpZTb1GuAN_2LqAHZz7DkYXvSKXuuOgfis1QG-SjYM8Ro-44_5XKW2GvpyNTWeh3b_C8FgoFiYMQIse9QBrIT3zG3CDAkUnlSvK92GIsgLMkoO5KAp6jNAgsr-Orj825wr8aYliPe_59ifaatFVG6JIJT2fl2ljP_vShvqEpgpnWr2EpEi8uBufvi6cytOHSYOtQk6heYr1hfWJowbAAi25ikoWwcHajgwyb0ZKeA18gsKsAmfNSJ6Ucvwd3kDmPuDjjBAq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiNiftH56ZfK5Gt-yx_APv662gAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvGE77NEQbI-4AIAqAMByAMCqgSpAk_QA7091AyLEmNhdUDcUQpO83uPRa2qyo8cZWnZO-VagikgzKW61zKDMpwUgpgvM2Sy-YpdEAgNlanN33Zb8STXXI5FRndyImx9Gd1Ddz8YOkl4IeutAx5V7VEs2h4OCwhTRTzR-Oy16Sc7mr48ctzuuMQOoahuGYyIkg7QXomAoGwz8xaidWuN_bylkO40R7Pnd4BRZRgEXk8X0qMtpcNH1BM8Y1Yw4prHES1SnUlXnY94jpNicmxnMS40-TEUG42d7YS1ZKRfOt_H6i771nUy_PpZycgnf_1bmnTD9Zae1k7XIyK3ZowNn2dzzwZ916qanLGH5r_vVTAxDhfo1n3f3MwdHsKcZU1qzeM-AP1fJiyWRryIK9QuvHkvYeJWYit6h2xuCrrMROAEAYAGjsPYz6rI_PswoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLuI4P6FjoMD-gsCCAGADAHiDRMIkbXg_oWOgwMVX9kRCB0_lw0Q0BUBgBcB%26num%3D1%26sig%3DAOD64_0QWQrDNEEnbCmWdYCHa3TehC1TqA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 14 Dec 2023 04:04:05 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A0E6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAGnPIIEdlfAA2XP0NSAlSToEY1HqDwCg&u=%7CfIggBO8nGlQJ37pNl2zzbwyirGe4zdsZJsWe5qGKTYI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLGGpugmDfhrYDe7l1vqZ7ZIlaowj-mELrRcXMo2BMKqr5EDYfTpex6st83j_wZj-Dr8Hgmm2_J-rTfBlR-kNq_BzcYDIJyUUp4UJ7Sk_3EZ4NIbnzxOtgfmxRlx_gDDbLekMsz57Cl3JY110xdJyllOlx7VjwCeC_9E1DZhaDNc1jBV5BeDOBdnByFlr5L4ndFZ_5EhnxTp0IN-9aHCUDHaCaTaj7Nmi5IRe4avu36SpYCxr-8cQFB6mqwAErI1WLWhtlbmiir-IKHIlV2eRsNnh4LNCpHjN0slh1bD_JNgDHbXoZUMTRDF41WVbU21rb-2wUxwo5Vox1dmiEpZTb1GuAN_2LqAHZz7DkYXvSKXuuOgfis1QG-SjYM8Ro-44_5XKW2GvpyNTWeh3b_C8FgoFiYMQIse9QBrIT3zG3CDAkUnlSvK92GIsgLMkoO5KAp6jNAgsr-Orj825wr8aYliPe_59ifaatFVG6JIJT2fl2ljP_vShvqEpgpnWr2EpEi8uBufvi6cytOHSYOtQk6heYr1hfWJowbAAi25ikoWwcHajgwyb0ZKeA18gsKsAmfNSJ6Ucvwd3kDmPuDjjBAq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiNiftH56ZfK5Gt-yx_APv662gAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvGE77NEQbI-4AIAqAMByAMCqgSpAk_QA7091AyLEmNhdUDcUQpO83uPRa2qyo8cZWnZO-VagikgzKW61zKDMpwUgpgvM2Sy-YpdEAgNlanN33Zb8STXXI5FRndyImx9Gd1Ddz8YOkl4IeutAx5V7VEs2h4OCwhTRTzR-Oy16Sc7mr48ctzuuMQOoahuGYyIkg7QXomAoGwz8xaidWuN_bylkO40R7Pnd4BRZRgEXk8X0qMtpcNH1BM8Y1Yw4prHES1SnUlXnY94jpNicmxnMS40-TEUG42d7YS1ZKRfOt_H6i771nUy_PpZycgnf_1bmnTD9Zae1k7XIyK3ZowNn2dzzwZ916qanLGH5r_vVTAxDhfo1n3f3MwdHsKcZU1qzeM-AP1fJiyWRryIK9QuvHkvYeJWYit6h2xuCrrMROAEAYAGjsPYz6rI_PswoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLuI4P6FjoMD-gsCCAGADAHiDRMIkbXg_oWOgwMVX9kRCB0_lw0Q0BUBgBcB%26num%3D1%26sig%3DAOD64_0QWQrDNEEnbCmWdYCHa3TehC1TqA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:04:06 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame A0E6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAGnPIIEdlfAA2XP0NSAlSToEY1HqDwCg&u=%7CfIggBO8nGlQJ37pNl2zzbwyirGe4zdsZJsWe5qGKTYI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLGGpugmDfhrYDe7l1vqZ7ZIlaowj-mELrRcXMo2BMKqr5EDYfTpex6st83j_wZj-Dr8Hgmm2_J-rTfBlR-kNq_BzcYDIJyUUp4UJ7Sk_3EZ4NIbnzxOtgfmxRlx_gDDbLekMsz57Cl3JY110xdJyllOlx7VjwCeC_9E1DZhaDNc1jBV5BeDOBdnByFlr5L4ndFZ_5EhnxTp0IN-9aHCUDHaCaTaj7Nmi5IRe4avu36SpYCxr-8cQFB6mqwAErI1WLWhtlbmiir-IKHIlV2eRsNnh4LNCpHjN0slh1bD_JNgDHbXoZUMTRDF41WVbU21rb-2wUxwo5Vox1dmiEpZTb1GuAN_2LqAHZz7DkYXvSKXuuOgfis1QG-SjYM8Ro-44_5XKW2GvpyNTWeh3b_C8FgoFiYMQIse9QBrIT3zG3CDAkUnlSvK92GIsgLMkoO5KAp6jNAgsr-Orj825wr8aYliPe_59ifaatFVG6JIJT2fl2ljP_vShvqEpgpnWr2EpEi8uBufvi6cytOHSYOtQk6heYr1hfWJowbAAi25ikoWwcHajgwyb0ZKeA18gsKsAmfNSJ6Ucvwd3kDmPuDjjBAq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiNiftH56ZfK5Gt-yx_APv662gAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvGE77NEQbI-4AIAqAMByAMCqgSpAk_QA7091AyLEmNhdUDcUQpO83uPRa2qyo8cZWnZO-VagikgzKW61zKDMpwUgpgvM2Sy-YpdEAgNlanN33Zb8STXXI5FRndyImx9Gd1Ddz8YOkl4IeutAx5V7VEs2h4OCwhTRTzR-Oy16Sc7mr48ctzuuMQOoahuGYyIkg7QXomAoGwz8xaidWuN_bylkO40R7Pnd4BRZRgEXk8X0qMtpcNH1BM8Y1Yw4prHES1SnUlXnY94jpNicmxnMS40-TEUG42d7YS1ZKRfOt_H6i771nUy_PpZycgnf_1bmnTD9Zae1k7XIyK3ZowNn2dzzwZ916qanLGH5r_vVTAxDhfo1n3f3MwdHsKcZU1qzeM-AP1fJiyWRryIK9QuvHkvYeJWYit6h2xuCrrMROAEAYAGjsPYz6rI_PswoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLuI4P6FjoMD-gsCCAGADAHiDRMIkbXg_oWOgwMVX9kRCB0_lw0Q0BUBgBcB%26num%3D1%26sig%3DAOD64_0QWQrDNEEnbCmWdYCHa3TehC1TqA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:04:06 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 7223 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAEXwIK4CpTAAA5pvJ-xcPtc2ystgCzOw&u=%7CfIggBO8nGlRtljY3ku13fszvo6N29F8Y4K5iNtJtnB4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHuGKjdz1fdi8nNgSp1EOSdXdZo3cU26i5t3yx5zm_cO-f4XZplEB1ab-8jj_5Hkn0xb4fTYVVZX8uGLkAec2pSumvOk9qn0ZGbkXbhH4uJs3nSvfTg7S5-x_IgJ4FCV4l3e_IS-I1NeZSKazuqC-PN8LFWWcWf02vWauTFcugFC5jpQkB7VXJx5mwy6loAfHF-YA-lY8ZbmcZhJz7EbrVXMjS1vGDQ18-UK2-HqjRSbvKKRcoASTc5589cnJOz4jeDxmp-Qwl9a0CUt7XVBuxkbKi3_B2pF8yBFzVAY4tq1VxgyqYZiRJwrCbCbdrjuvfgfAHzRcJpdVvzqzrjcA_Ugv5_VtWtaZO4alH7p-Aj9XvjeDqD1fPTf_JmSiwYEjNXDnzTKrcRziYbmn6sq3b3fmJuD9UbHvZqztS2Kxmda29XCnDCn2Coag2Y2AAKsuLjrQ1-A-zNv5iasPPrvkwlcTs_9WETIts0ayh3EdrdUjsTmg1Pk-iKnUvxcXTxoSwiJn17JczNkhrUjp4Oj8-9J3tpnjTz853fEptwHu2rDVPHmJ0ukAQJvVWjY8umUkFA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzDZItH56ZYK-EdPUgAem84C4BMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg4NDI5NDQ3OTM5MTYzOMgBCakCVYKMewxDsj7gAgCoAwHIAwKqBKICT9D0fJ9sXmL88rUSmFPGcE7I1OPzXZ-oQJfI-V91m7g25btKQNcMXasE2d269zaFoDpaKemVODiHBbKwjWgAAm7F-Ssp1hzuquQcdYVyu_cb_bw2DdLf-l3NzrOEZhq-9VK9ujZ_augVuHQ0kOHf2hkrO8xG0fbH7TQglUgPkzX6MqNOH9OQTj33LmJRGxM6Cs5ETnjAGursD4g0YnfJ7KEam_x3ezH5FEJ8KZmkhqaEr83DC5a0mzB3tmzhXCzHaDkKO9X6_xG5hkjLvBK0H_U7qWe5L_qTy-ci0wsCpG0w2aCPEJrz2zttZpbI7sW3pd6XDoMdleT0HHxXuizXEpZpHGBBaledwrOMPJndxw_m0ciRqldt09GktlsGENS80qbgBAGABtfhwoCbzJ__a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljmlOD-hY6DA_oLAggBgAwB4g0TCJK_4P6FjoMDFVMq4AodpjkAR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_25D-TGpPUBAWR4O1xNq7jcYAtOnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:04:06 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7223 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAEXwIK4CpTAAA5pvJ-xcPtc2ystgCzOw&u=%7CfIggBO8nGlRtljY3ku13fszvo6N29F8Y4K5iNtJtnB4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHuGKjdz1fdi8nNgSp1EOSdXdZo3cU26i5t3yx5zm_cO-f4XZplEB1ab-8jj_5Hkn0xb4fTYVVZX8uGLkAec2pSumvOk9qn0ZGbkXbhH4uJs3nSvfTg7S5-x_IgJ4FCV4l3e_IS-I1NeZSKazuqC-PN8LFWWcWf02vWauTFcugFC5jpQkB7VXJx5mwy6loAfHF-YA-lY8ZbmcZhJz7EbrVXMjS1vGDQ18-UK2-HqjRSbvKKRcoASTc5589cnJOz4jeDxmp-Qwl9a0CUt7XVBuxkbKi3_B2pF8yBFzVAY4tq1VxgyqYZiRJwrCbCbdrjuvfgfAHzRcJpdVvzqzrjcA_Ugv5_VtWtaZO4alH7p-Aj9XvjeDqD1fPTf_JmSiwYEjNXDnzTKrcRziYbmn6sq3b3fmJuD9UbHvZqztS2Kxmda29XCnDCn2Coag2Y2AAKsuLjrQ1-A-zNv5iasPPrvkwlcTs_9WETIts0ayh3EdrdUjsTmg1Pk-iKnUvxcXTxoSwiJn17JczNkhrUjp4Oj8-9J3tpnjTz853fEptwHu2rDVPHmJ0ukAQJvVWjY8umUkFA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzDZItH56ZYK-EdPUgAem84C4BMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg4NDI5NDQ3OTM5MTYzOMgBCakCVYKMewxDsj7gAgCoAwHIAwKqBKICT9D0fJ9sXmL88rUSmFPGcE7I1OPzXZ-oQJfI-V91m7g25btKQNcMXasE2d269zaFoDpaKemVODiHBbKwjWgAAm7F-Ssp1hzuquQcdYVyu_cb_bw2DdLf-l3NzrOEZhq-9VK9ujZ_augVuHQ0kOHf2hkrO8xG0fbH7TQglUgPkzX6MqNOH9OQTj33LmJRGxM6Cs5ETnjAGursD4g0YnfJ7KEam_x3ezH5FEJ8KZmkhqaEr83DC5a0mzB3tmzhXCzHaDkKO9X6_xG5hkjLvBK0H_U7qWe5L_qTy-ci0wsCpG0w2aCPEJrz2zttZpbI7sW3pd6XDoMdleT0HHxXuizXEpZpHGBBaledwrOMPJndxw_m0ciRqldt09GktlsGENS80qbgBAGABtfhwoCbzJ__a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljmlOD-hY6DA_oLAggBgAwB4g0TCJK_4P6FjoMDFVMq4AodpjkAR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_25D-TGpPUBAWR4O1xNq7jcYAtOnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:04:06 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 7223 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAEXwIK4CpTAAA5pvJ-xcPtc2ystgCzOw&u=%7CfIggBO8nGlRtljY3ku13fszvo6N29F8Y4K5iNtJtnB4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHuGKjdz1fdi8nNgSp1EOSdXdZo3cU26i5t3yx5zm_cO-f4XZplEB1ab-8jj_5Hkn0xb4fTYVVZX8uGLkAec2pSumvOk9qn0ZGbkXbhH4uJs3nSvfTg7S5-x_IgJ4FCV4l3e_IS-I1NeZSKazuqC-PN8LFWWcWf02vWauTFcugFC5jpQkB7VXJx5mwy6loAfHF-YA-lY8ZbmcZhJz7EbrVXMjS1vGDQ18-UK2-HqjRSbvKKRcoASTc5589cnJOz4jeDxmp-Qwl9a0CUt7XVBuxkbKi3_B2pF8yBFzVAY4tq1VxgyqYZiRJwrCbCbdrjuvfgfAHzRcJpdVvzqzrjcA_Ugv5_VtWtaZO4alH7p-Aj9XvjeDqD1fPTf_JmSiwYEjNXDnzTKrcRziYbmn6sq3b3fmJuD9UbHvZqztS2Kxmda29XCnDCn2Coag2Y2AAKsuLjrQ1-A-zNv5iasPPrvkwlcTs_9WETIts0ayh3EdrdUjsTmg1Pk-iKnUvxcXTxoSwiJn17JczNkhrUjp4Oj8-9J3tpnjTz853fEptwHu2rDVPHmJ0ukAQJvVWjY8umUkFA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzDZItH56ZYK-EdPUgAem84C4BMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg4NDI5NDQ3OTM5MTYzOMgBCakCVYKMewxDsj7gAgCoAwHIAwKqBKICT9D0fJ9sXmL88rUSmFPGcE7I1OPzXZ-oQJfI-V91m7g25btKQNcMXasE2d269zaFoDpaKemVODiHBbKwjWgAAm7F-Ssp1hzuquQcdYVyu_cb_bw2DdLf-l3NzrOEZhq-9VK9ujZ_augVuHQ0kOHf2hkrO8xG0fbH7TQglUgPkzX6MqNOH9OQTj33LmJRGxM6Cs5ETnjAGursD4g0YnfJ7KEam_x3ezH5FEJ8KZmkhqaEr83DC5a0mzB3tmzhXCzHaDkKO9X6_xG5hkjLvBK0H_U7qWe5L_qTy-ci0wsCpG0w2aCPEJrz2zttZpbI7sW3pd6XDoMdleT0HHxXuizXEpZpHGBBaledwrOMPJndxw_m0ciRqldt09GktlsGENS80qbgBAGABtfhwoCbzJ__a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljmlOD-hY6DA_oLAggBgAwB4g0TCJK_4P6FjoMDFVMq4AodpjkAR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_25D-TGpPUBAWR4O1xNq7jcYAtOnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 08 Dec 2024 04:04:06 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 7223 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAEXwIK4CpTAAA5pvJ-xcPtc2ystgCzOw&u=%7CfIggBO8nGlRtljY3ku13fszvo6N29F8Y4K5iNtJtnB4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHuGKjdz1fdi8nNgSp1EOSdXdZo3cU26i5t3yx5zm_cO-f4XZplEB1ab-8jj_5Hkn0xb4fTYVVZX8uGLkAec2pSumvOk9qn0ZGbkXbhH4uJs3nSvfTg7S5-x_IgJ4FCV4l3e_IS-I1NeZSKazuqC-PN8LFWWcWf02vWauTFcugFC5jpQkB7VXJx5mwy6loAfHF-YA-lY8ZbmcZhJz7EbrVXMjS1vGDQ18-UK2-HqjRSbvKKRcoASTc5589cnJOz4jeDxmp-Qwl9a0CUt7XVBuxkbKi3_B2pF8yBFzVAY4tq1VxgyqYZiRJwrCbCbdrjuvfgfAHzRcJpdVvzqzrjcA_Ugv5_VtWtaZO4alH7p-Aj9XvjeDqD1fPTf_JmSiwYEjNXDnzTKrcRziYbmn6sq3b3fmJuD9UbHvZqztS2Kxmda29XCnDCn2Coag2Y2AAKsuLjrQ1-A-zNv5iasPPrvkwlcTs_9WETIts0ayh3EdrdUjsTmg1Pk-iKnUvxcXTxoSwiJn17JczNkhrUjp4Oj8-9J3tpnjTz853fEptwHu2rDVPHmJ0ukAQJvVWjY8umUkFA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzDZItH56ZYK-EdPUgAem84C4BMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg4NDI5NDQ3OTM5MTYzOMgBCakCVYKMewxDsj7gAgCoAwHIAwKqBKICT9D0fJ9sXmL88rUSmFPGcE7I1OPzXZ-oQJfI-V91m7g25btKQNcMXasE2d269zaFoDpaKemVODiHBbKwjWgAAm7F-Ssp1hzuquQcdYVyu_cb_bw2DdLf-l3NzrOEZhq-9VK9ujZ_augVuHQ0kOHf2hkrO8xG0fbH7TQglUgPkzX6MqNOH9OQTj33LmJRGxM6Cs5ETnjAGursD4g0YnfJ7KEam_x3ezH5FEJ8KZmkhqaEr83DC5a0mzB3tmzhXCzHaDkKO9X6_xG5hkjLvBK0H_U7qWe5L_qTy-ci0wsCpG0w2aCPEJrz2zttZpbI7sW3pd6XDoMdleT0HHxXuizXEpZpHGBBaledwrOMPJndxw_m0ciRqldt09GktlsGENS80qbgBAGABtfhwoCbzJ__a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljmlOD-hY6DA_oLAggBgAwB4g0TCJK_4P6FjoMDFVMq4AodpjkAR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_25D-TGpPUBAWR4O1xNq7jcYAtOnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 08 Dec 2024 04:04:06 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 7223 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=JQSn5X0nEM7BkghG8v9Y1wcxf3tZwbsF-sZw1iCHu773myIVVmMrjfZIuGs6qqeGF8uKNdZ5OQHyYCZrMvCrh7V1Mh4d9s3asPOMFClJljXSCdPqpB_kj7xd-PY_xniP6YuZwU4Y-eDY1THJBu_HyqiKAXUeQQ7vBiFPjXAJfrafJ665OMKEBsGgFqJuipsu0HfJ88JewH6PAG7xI_Q7-Miaf6sz7WRDpsMbT4geovv2frKqjfnCryI8GKSTcXXeD_iZTiI4HomLpO1gAY0U9c7a4_sW0_dNiqDiNJXjPKo1MVSAbRueebs2YBqz_FDQgtvDJKeaqBKGNUUu7lvvzC9O0fatoDrgrU1gQZvlAnDhgWVxGXOxJ9LP8d5s_3_IkTb312e4QxE9rmeOx6cJKeWuDkOQS6DFwtffvQ4adlPgxvfa
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAEXwIK4CpTAAA5pvJ-xcPtc2ystgCzOw&u=%7CfIggBO8nGlRtljY3ku13fszvo6N29F8Y4K5iNtJtnB4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHuGKjdz1fdi8nNgSp1EOSdXdZo3cU26i5t3yx5zm_cO-f4XZplEB1ab-8jj_5Hkn0xb4fTYVVZX8uGLkAec2pSumvOk9qn0ZGbkXbhH4uJs3nSvfTg7S5-x_IgJ4FCV4l3e_IS-I1NeZSKazuqC-PN8LFWWcWf02vWauTFcugFC5jpQkB7VXJx5mwy6loAfHF-YA-lY8ZbmcZhJz7EbrVXMjS1vGDQ18-UK2-HqjRSbvKKRcoASTc5589cnJOz4jeDxmp-Qwl9a0CUt7XVBuxkbKi3_B2pF8yBFzVAY4tq1VxgyqYZiRJwrCbCbdrjuvfgfAHzRcJpdVvzqzrjcA_Ugv5_VtWtaZO4alH7p-Aj9XvjeDqD1fPTf_JmSiwYEjNXDnzTKrcRziYbmn6sq3b3fmJuD9UbHvZqztS2Kxmda29XCnDCn2Coag2Y2AAKsuLjrQ1-A-zNv5iasPPrvkwlcTs_9WETIts0ayh3EdrdUjsTmg1Pk-iKnUvxcXTxoSwiJn17JczNkhrUjp4Oj8-9J3tpnjTz853fEptwHu2rDVPHmJ0ukAQJvVWjY8umUkFA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzDZItH56ZYK-EdPUgAem84C4BMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg4NDI5NDQ3OTM5MTYzOMgBCakCVYKMewxDsj7gAgCoAwHIAwKqBKICT9D0fJ9sXmL88rUSmFPGcE7I1OPzXZ-oQJfI-V91m7g25btKQNcMXasE2d269zaFoDpaKemVODiHBbKwjWgAAm7F-Ssp1hzuquQcdYVyu_cb_bw2DdLf-l3NzrOEZhq-9VK9ujZ_augVuHQ0kOHf2hkrO8xG0fbH7TQglUgPkzX6MqNOH9OQTj33LmJRGxM6Cs5ETnjAGursD4g0YnfJ7KEam_x3ezH5FEJ8KZmkhqaEr83DC5a0mzB3tmzhXCzHaDkKO9X6_xG5hkjLvBK0H_U7qWe5L_qTy-ci0wsCpG0w2aCPEJrz2zttZpbI7sW3pd6XDoMdleT0HHxXuizXEpZpHGBBaledwrOMPJndxw_m0ciRqldt09GktlsGENS80qbgBAGABtfhwoCbzJ__a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljmlOD-hY6DA_oLAggBgAwB4g0TCJK_4P6FjoMDFVMq4AodpjkAR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_25D-TGpPUBAWR4O1xNq7jcYAtOnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1820533
expires
Mon, 26 Jul 1997 05:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame D3C2 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c51e2ea94f64fb5b0650a83a42296ecc6f4bf50dc7f03ac5507c586c855503d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51252
x-xss-protection
0
server
cafe
etag
10317767043275148439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 04:04:06 GMT
animejs.js
static.criteo.net/animejs/ Frame 7223 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAEXwIK4CpTAAA5pvJ-xcPtc2ystgCzOw&u=%7CfIggBO8nGlRtljY3ku13fszvo6N29F8Y4K5iNtJtnB4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHuGKjdz1fdi8nNgSp1EOSdXdZo3cU26i5t3yx5zm_cO-f4XZplEB1ab-8jj_5Hkn0xb4fTYVVZX8uGLkAec2pSumvOk9qn0ZGbkXbhH4uJs3nSvfTg7S5-x_IgJ4FCV4l3e_IS-I1NeZSKazuqC-PN8LFWWcWf02vWauTFcugFC5jpQkB7VXJx5mwy6loAfHF-YA-lY8ZbmcZhJz7EbrVXMjS1vGDQ18-UK2-HqjRSbvKKRcoASTc5589cnJOz4jeDxmp-Qwl9a0CUt7XVBuxkbKi3_B2pF8yBFzVAY4tq1VxgyqYZiRJwrCbCbdrjuvfgfAHzRcJpdVvzqzrjcA_Ugv5_VtWtaZO4alH7p-Aj9XvjeDqD1fPTf_JmSiwYEjNXDnzTKrcRziYbmn6sq3b3fmJuD9UbHvZqztS2Kxmda29XCnDCn2Coag2Y2AAKsuLjrQ1-A-zNv5iasPPrvkwlcTs_9WETIts0ayh3EdrdUjsTmg1Pk-iKnUvxcXTxoSwiJn17JczNkhrUjp4Oj8-9J3tpnjTz853fEptwHu2rDVPHmJ0ukAQJvVWjY8umUkFA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzDZItH56ZYK-EdPUgAem84C4BMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg4NDI5NDQ3OTM5MTYzOMgBCakCVYKMewxDsj7gAgCoAwHIAwKqBKICT9D0fJ9sXmL88rUSmFPGcE7I1OPzXZ-oQJfI-V91m7g25btKQNcMXasE2d269zaFoDpaKemVODiHBbKwjWgAAm7F-Ssp1hzuquQcdYVyu_cb_bw2DdLf-l3NzrOEZhq-9VK9ujZ_augVuHQ0kOHf2hkrO8xG0fbH7TQglUgPkzX6MqNOH9OQTj33LmJRGxM6Cs5ETnjAGursD4g0YnfJ7KEam_x3ezH5FEJ8KZmkhqaEr83DC5a0mzB3tmzhXCzHaDkKO9X6_xG5hkjLvBK0H_U7qWe5L_qTy-ci0wsCpG0w2aCPEJrz2zttZpbI7sW3pd6XDoMdleT0HHxXuizXEpZpHGBBaledwrOMPJndxw_m0ciRqldt09GktlsGENS80qbgBAGABtfhwoCbzJ__a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljmlOD-hY6DA_oLAggBgAwB4g0TCJK_4P6FjoMDFVMq4AodpjkAR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_25D-TGpPUBAWR4O1xNq7jcYAtOnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:04:06 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 16DC 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee223df8ba6d85b498b9811fcfa7d5172b7fa5aa20f18d45bd859ef48894e4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51253
x-xss-protection
0
server
cafe
etag
10298826253072391913
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 04:04:06 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 4F18 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7becccca441211d5c6282aa112e67142fb7682de351a102fbbbfa2ad482a49cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51251
x-xss-protection
0
server
cafe
etag
65252336211114567
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 04:04:06 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7223 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=10309&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F10309%2F220824%2F5f2290cb127144499ee0f096620506a5_flaconi_square.png&v=3&w=256&rid=4&s=W_mwVdzlokdX2VmL_NvOZe0T
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAEXwIK4CpTAAA5pvJ-xcPtc2ystgCzOw&u=%7CfIggBO8nGlRtljY3ku13fszvo6N29F8Y4K5iNtJtnB4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHuGKjdz1fdi8nNgSp1EOSdXdZo3cU26i5t3yx5zm_cO-f4XZplEB1ab-8jj_5Hkn0xb4fTYVVZX8uGLkAec2pSumvOk9qn0ZGbkXbhH4uJs3nSvfTg7S5-x_IgJ4FCV4l3e_IS-I1NeZSKazuqC-PN8LFWWcWf02vWauTFcugFC5jpQkB7VXJx5mwy6loAfHF-YA-lY8ZbmcZhJz7EbrVXMjS1vGDQ18-UK2-HqjRSbvKKRcoASTc5589cnJOz4jeDxmp-Qwl9a0CUt7XVBuxkbKi3_B2pF8yBFzVAY4tq1VxgyqYZiRJwrCbCbdrjuvfgfAHzRcJpdVvzqzrjcA_Ugv5_VtWtaZO4alH7p-Aj9XvjeDqD1fPTf_JmSiwYEjNXDnzTKrcRziYbmn6sq3b3fmJuD9UbHvZqztS2Kxmda29XCnDCn2Coag2Y2AAKsuLjrQ1-A-zNv5iasPPrvkwlcTs_9WETIts0ayh3EdrdUjsTmg1Pk-iKnUvxcXTxoSwiJn17JczNkhrUjp4Oj8-9J3tpnjTz853fEptwHu2rDVPHmJ0ukAQJvVWjY8umUkFA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzDZItH56ZYK-EdPUgAem84C4BMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg4NDI5NDQ3OTM5MTYzOMgBCakCVYKMewxDsj7gAgCoAwHIAwKqBKICT9D0fJ9sXmL88rUSmFPGcE7I1OPzXZ-oQJfI-V91m7g25btKQNcMXasE2d269zaFoDpaKemVODiHBbKwjWgAAm7F-Ssp1hzuquQcdYVyu_cb_bw2DdLf-l3NzrOEZhq-9VK9ujZ_augVuHQ0kOHf2hkrO8xG0fbH7TQglUgPkzX6MqNOH9OQTj33LmJRGxM6Cs5ETnjAGursD4g0YnfJ7KEam_x3ezH5FEJ8KZmkhqaEr83DC5a0mzB3tmzhXCzHaDkKO9X6_xG5hkjLvBK0H_U7qWe5L_qTy-ci0wsCpG0w2aCPEJrz2zttZpbI7sW3pd6XDoMdleT0HHxXuizXEpZpHGBBaledwrOMPJndxw_m0ciRqldt09GktlsGENS80qbgBAGABtfhwoCbzJ__a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljmlOD-hY6DA_oLAggBgAwB4g0TCJK_4P6FjoMDFVMq4AodpjkAR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_25D-TGpPUBAWR4O1xNq7jcYAtOnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
505bbace6a0518fd0c079be01040eddd8dd9beb201c97b85c491ccb902f88a39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
6562
expires
Sat, 02 Nov 2024 04:10:08 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7223 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=10309&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F10309%2F201126%2F809ee6eb57df4e9c9705111ad7fa7d86_img_horizontal_1.jpg&v=3&w=1200&rid=4&s=nPtRIi4btW889eKcxTKHng99
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAEXwIK4CpTAAA5pvJ-xcPtc2ystgCzOw&u=%7CfIggBO8nGlRtljY3ku13fszvo6N29F8Y4K5iNtJtnB4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHuGKjdz1fdi8nNgSp1EOSdXdZo3cU26i5t3yx5zm_cO-f4XZplEB1ab-8jj_5Hkn0xb4fTYVVZX8uGLkAec2pSumvOk9qn0ZGbkXbhH4uJs3nSvfTg7S5-x_IgJ4FCV4l3e_IS-I1NeZSKazuqC-PN8LFWWcWf02vWauTFcugFC5jpQkB7VXJx5mwy6loAfHF-YA-lY8ZbmcZhJz7EbrVXMjS1vGDQ18-UK2-HqjRSbvKKRcoASTc5589cnJOz4jeDxmp-Qwl9a0CUt7XVBuxkbKi3_B2pF8yBFzVAY4tq1VxgyqYZiRJwrCbCbdrjuvfgfAHzRcJpdVvzqzrjcA_Ugv5_VtWtaZO4alH7p-Aj9XvjeDqD1fPTf_JmSiwYEjNXDnzTKrcRziYbmn6sq3b3fmJuD9UbHvZqztS2Kxmda29XCnDCn2Coag2Y2AAKsuLjrQ1-A-zNv5iasPPrvkwlcTs_9WETIts0ayh3EdrdUjsTmg1Pk-iKnUvxcXTxoSwiJn17JczNkhrUjp4Oj8-9J3tpnjTz853fEptwHu2rDVPHmJ0ukAQJvVWjY8umUkFA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzDZItH56ZYK-EdPUgAem84C4BMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg4NDI5NDQ3OTM5MTYzOMgBCakCVYKMewxDsj7gAgCoAwHIAwKqBKICT9D0fJ9sXmL88rUSmFPGcE7I1OPzXZ-oQJfI-V91m7g25btKQNcMXasE2d269zaFoDpaKemVODiHBbKwjWgAAm7F-Ssp1hzuquQcdYVyu_cb_bw2DdLf-l3NzrOEZhq-9VK9ujZ_augVuHQ0kOHf2hkrO8xG0fbH7TQglUgPkzX6MqNOH9OQTj33LmJRGxM6Cs5ETnjAGursD4g0YnfJ7KEam_x3ezH5FEJ8KZmkhqaEr83DC5a0mzB3tmzhXCzHaDkKO9X6_xG5hkjLvBK0H_U7qWe5L_qTy-ci0wsCpG0w2aCPEJrz2zttZpbI7sW3pd6XDoMdleT0HHxXuizXEpZpHGBBaledwrOMPJndxw_m0ciRqldt09GktlsGENS80qbgBAGABtfhwoCbzJ__a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljmlOD-hY6DA_oLAggBgAwB4g0TCJK_4P6FjoMDFVMq4AodpjkAR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_25D-TGpPUBAWR4O1xNq7jcYAtOnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c0b26fee0bf4c8a306205ad90be4548cb4732823c4582a8bd8c5ae36930711d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
55084
expires
Sat, 07 Dec 2024 19:41:36 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7223 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2F7%2F3%2F737052351018_c.jpg&v=3&w=400&rid=4&s=Np4A4ky8M_RCMMpwxhuZmymm&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAEXwIK4CpTAAA5pvJ-xcPtc2ystgCzOw&u=%7CfIggBO8nGlRtljY3ku13fszvo6N29F8Y4K5iNtJtnB4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHuGKjdz1fdi8nNgSp1EOSdXdZo3cU26i5t3yx5zm_cO-f4XZplEB1ab-8jj_5Hkn0xb4fTYVVZX8uGLkAec2pSumvOk9qn0ZGbkXbhH4uJs3nSvfTg7S5-x_IgJ4FCV4l3e_IS-I1NeZSKazuqC-PN8LFWWcWf02vWauTFcugFC5jpQkB7VXJx5mwy6loAfHF-YA-lY8ZbmcZhJz7EbrVXMjS1vGDQ18-UK2-HqjRSbvKKRcoASTc5589cnJOz4jeDxmp-Qwl9a0CUt7XVBuxkbKi3_B2pF8yBFzVAY4tq1VxgyqYZiRJwrCbCbdrjuvfgfAHzRcJpdVvzqzrjcA_Ugv5_VtWtaZO4alH7p-Aj9XvjeDqD1fPTf_JmSiwYEjNXDnzTKrcRziYbmn6sq3b3fmJuD9UbHvZqztS2Kxmda29XCnDCn2Coag2Y2AAKsuLjrQ1-A-zNv5iasPPrvkwlcTs_9WETIts0ayh3EdrdUjsTmg1Pk-iKnUvxcXTxoSwiJn17JczNkhrUjp4Oj8-9J3tpnjTz853fEptwHu2rDVPHmJ0ukAQJvVWjY8umUkFA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzDZItH56ZYK-EdPUgAem84C4BMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg4NDI5NDQ3OTM5MTYzOMgBCakCVYKMewxDsj7gAgCoAwHIAwKqBKICT9D0fJ9sXmL88rUSmFPGcE7I1OPzXZ-oQJfI-V91m7g25btKQNcMXasE2d269zaFoDpaKemVODiHBbKwjWgAAm7F-Ssp1hzuquQcdYVyu_cb_bw2DdLf-l3NzrOEZhq-9VK9ujZ_augVuHQ0kOHf2hkrO8xG0fbH7TQglUgPkzX6MqNOH9OQTj33LmJRGxM6Cs5ETnjAGursD4g0YnfJ7KEam_x3ezH5FEJ8KZmkhqaEr83DC5a0mzB3tmzhXCzHaDkKO9X6_xG5hkjLvBK0H_U7qWe5L_qTy-ci0wsCpG0w2aCPEJrz2zttZpbI7sW3pd6XDoMdleT0HHxXuizXEpZpHGBBaledwrOMPJndxw_m0ciRqldt09GktlsGENS80qbgBAGABtfhwoCbzJ__a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljmlOD-hY6DA_oLAggBgAwB4g0TCJK_4P6FjoMDFVMq4AodpjkAR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_25D-TGpPUBAWR4O1xNq7jcYAtOnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e7a94ec9a2aaaae810ff1acd9bed59541d73cc8dde4b025cb6922d783b442c25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=3600
timing-allow-origin
*
content-length
3512
expires
Thu, 14 Dec 2023 04:50:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7223 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fm%2Fa%2Fmarc-jacobs-daisy-eau-so-fresh-eau-de-toilette-30-ml-3614229159073.jpg&v=3&w=400&rid=4&s=81qOBVOxyHNkCR9KfVLuyXCR&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAEXwIK4CpTAAA5pvJ-xcPtc2ystgCzOw&u=%7CfIggBO8nGlRtljY3ku13fszvo6N29F8Y4K5iNtJtnB4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHuGKjdz1fdi8nNgSp1EOSdXdZo3cU26i5t3yx5zm_cO-f4XZplEB1ab-8jj_5Hkn0xb4fTYVVZX8uGLkAec2pSumvOk9qn0ZGbkXbhH4uJs3nSvfTg7S5-x_IgJ4FCV4l3e_IS-I1NeZSKazuqC-PN8LFWWcWf02vWauTFcugFC5jpQkB7VXJx5mwy6loAfHF-YA-lY8ZbmcZhJz7EbrVXMjS1vGDQ18-UK2-HqjRSbvKKRcoASTc5589cnJOz4jeDxmp-Qwl9a0CUt7XVBuxkbKi3_B2pF8yBFzVAY4tq1VxgyqYZiRJwrCbCbdrjuvfgfAHzRcJpdVvzqzrjcA_Ugv5_VtWtaZO4alH7p-Aj9XvjeDqD1fPTf_JmSiwYEjNXDnzTKrcRziYbmn6sq3b3fmJuD9UbHvZqztS2Kxmda29XCnDCn2Coag2Y2AAKsuLjrQ1-A-zNv5iasPPrvkwlcTs_9WETIts0ayh3EdrdUjsTmg1Pk-iKnUvxcXTxoSwiJn17JczNkhrUjp4Oj8-9J3tpnjTz853fEptwHu2rDVPHmJ0ukAQJvVWjY8umUkFA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzDZItH56ZYK-EdPUgAem84C4BMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg4NDI5NDQ3OTM5MTYzOMgBCakCVYKMewxDsj7gAgCoAwHIAwKqBKICT9D0fJ9sXmL88rUSmFPGcE7I1OPzXZ-oQJfI-V91m7g25btKQNcMXasE2d269zaFoDpaKemVODiHBbKwjWgAAm7F-Ssp1hzuquQcdYVyu_cb_bw2DdLf-l3NzrOEZhq-9VK9ujZ_augVuHQ0kOHf2hkrO8xG0fbH7TQglUgPkzX6MqNOH9OQTj33LmJRGxM6Cs5ETnjAGursD4g0YnfJ7KEam_x3ezH5FEJ8KZmkhqaEr83DC5a0mzB3tmzhXCzHaDkKO9X6_xG5hkjLvBK0H_U7qWe5L_qTy-ci0wsCpG0w2aCPEJrz2zttZpbI7sW3pd6XDoMdleT0HHxXuizXEpZpHGBBaledwrOMPJndxw_m0ciRqldt09GktlsGENS80qbgBAGABtfhwoCbzJ__a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljmlOD-hY6DA_oLAggBgAwB4g0TCJK_4P6FjoMDFVMq4AodpjkAR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_25D-TGpPUBAWR4O1xNq7jcYAtOnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5353d24cf0e942eb420979acdcaabeadb14ffe629bcc663a89c03e4d0a53ced1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=3600
timing-allow-origin
*
content-length
3646
expires
Thu, 14 Dec 2023 04:55:30 GMT
all
csm.eu.criteo.net/ Frame 7223 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=JZlqOIB1AGItch4kA1XzND4FKyCCFJD5rC38SUS3EsA8AQY9VbaL9RN-0h3Cm4XmST7O_rXZO_QCfRDB-aGKvqrjX-NnLvAl9sLQO06NakyRsu4L_EmbWnlBZW1CwRXLz_SMc8keL7rWkzVo1kZKHs8w6-RY48RR2co6gLy-8870r2C_N4hEr-1vhdNasd8FBhzCH2d4pxmVtSZUilz50JnoLjFV8B6VKe50J2V98EciFURsZpC5beeHOL0&sds=2&rev=89682&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAEXwIK4CpTAAA5pvJ-xcPtc2ystgCzOw&u=%7CfIggBO8nGlRtljY3ku13fszvo6N29F8Y4K5iNtJtnB4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHuGKjdz1fdi8nNgSp1EOSdXdZo3cU26i5t3yx5zm_cO-f4XZplEB1ab-8jj_5Hkn0xb4fTYVVZX8uGLkAec2pSumvOk9qn0ZGbkXbhH4uJs3nSvfTg7S5-x_IgJ4FCV4l3e_IS-I1NeZSKazuqC-PN8LFWWcWf02vWauTFcugFC5jpQkB7VXJx5mwy6loAfHF-YA-lY8ZbmcZhJz7EbrVXMjS1vGDQ18-UK2-HqjRSbvKKRcoASTc5589cnJOz4jeDxmp-Qwl9a0CUt7XVBuxkbKi3_B2pF8yBFzVAY4tq1VxgyqYZiRJwrCbCbdrjuvfgfAHzRcJpdVvzqzrjcA_Ugv5_VtWtaZO4alH7p-Aj9XvjeDqD1fPTf_JmSiwYEjNXDnzTKrcRziYbmn6sq3b3fmJuD9UbHvZqztS2Kxmda29XCnDCn2Coag2Y2AAKsuLjrQ1-A-zNv5iasPPrvkwlcTs_9WETIts0ayh3EdrdUjsTmg1Pk-iKnUvxcXTxoSwiJn17JczNkhrUjp4Oj8-9J3tpnjTz853fEptwHu2rDVPHmJ0ukAQJvVWjY8umUkFA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzDZItH56ZYK-EdPUgAem84C4BMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg4NDI5NDQ3OTM5MTYzOMgBCakCVYKMewxDsj7gAgCoAwHIAwKqBKICT9D0fJ9sXmL88rUSmFPGcE7I1OPzXZ-oQJfI-V91m7g25btKQNcMXasE2d269zaFoDpaKemVODiHBbKwjWgAAm7F-Ssp1hzuquQcdYVyu_cb_bw2DdLf-l3NzrOEZhq-9VK9ujZ_augVuHQ0kOHf2hkrO8xG0fbH7TQglUgPkzX6MqNOH9OQTj33LmJRGxM6Cs5ETnjAGursD4g0YnfJ7KEam_x3ezH5FEJ8KZmkhqaEr83DC5a0mzB3tmzhXCzHaDkKO9X6_xG5hkjLvBK0H_U7qWe5L_qTy-ci0wsCpG0w2aCPEJrz2zttZpbI7sW3pd6XDoMdleT0HHxXuizXEpZpHGBBaledwrOMPJndxw_m0ciRqldt09GktlsGENS80qbgBAGABtfhwoCbzJ__a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljmlOD-hY6DA_oLAggBgAwB4g0TCJK_4P6FjoMDFVMq4AodpjkAR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_25D-TGpPUBAWR4O1xNq7jcYAtOnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 14 Dec 2023 04:04:05 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7223 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAEXwIK4CpTAAA5pvJ-xcPtc2ystgCzOw&u=%7CfIggBO8nGlRtljY3ku13fszvo6N29F8Y4K5iNtJtnB4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHuGKjdz1fdi8nNgSp1EOSdXdZo3cU26i5t3yx5zm_cO-f4XZplEB1ab-8jj_5Hkn0xb4fTYVVZX8uGLkAec2pSumvOk9qn0ZGbkXbhH4uJs3nSvfTg7S5-x_IgJ4FCV4l3e_IS-I1NeZSKazuqC-PN8LFWWcWf02vWauTFcugFC5jpQkB7VXJx5mwy6loAfHF-YA-lY8ZbmcZhJz7EbrVXMjS1vGDQ18-UK2-HqjRSbvKKRcoASTc5589cnJOz4jeDxmp-Qwl9a0CUt7XVBuxkbKi3_B2pF8yBFzVAY4tq1VxgyqYZiRJwrCbCbdrjuvfgfAHzRcJpdVvzqzrjcA_Ugv5_VtWtaZO4alH7p-Aj9XvjeDqD1fPTf_JmSiwYEjNXDnzTKrcRziYbmn6sq3b3fmJuD9UbHvZqztS2Kxmda29XCnDCn2Coag2Y2AAKsuLjrQ1-A-zNv5iasPPrvkwlcTs_9WETIts0ayh3EdrdUjsTmg1Pk-iKnUvxcXTxoSwiJn17JczNkhrUjp4Oj8-9J3tpnjTz853fEptwHu2rDVPHmJ0ukAQJvVWjY8umUkFA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzDZItH56ZYK-EdPUgAem84C4BMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg4NDI5NDQ3OTM5MTYzOMgBCakCVYKMewxDsj7gAgCoAwHIAwKqBKICT9D0fJ9sXmL88rUSmFPGcE7I1OPzXZ-oQJfI-V91m7g25btKQNcMXasE2d269zaFoDpaKemVODiHBbKwjWgAAm7F-Ssp1hzuquQcdYVyu_cb_bw2DdLf-l3NzrOEZhq-9VK9ujZ_augVuHQ0kOHf2hkrO8xG0fbH7TQglUgPkzX6MqNOH9OQTj33LmJRGxM6Cs5ETnjAGursD4g0YnfJ7KEam_x3ezH5FEJ8KZmkhqaEr83DC5a0mzB3tmzhXCzHaDkKO9X6_xG5hkjLvBK0H_U7qWe5L_qTy-ci0wsCpG0w2aCPEJrz2zttZpbI7sW3pd6XDoMdleT0HHxXuizXEpZpHGBBaledwrOMPJndxw_m0ciRqldt09GktlsGENS80qbgBAGABtfhwoCbzJ__a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljmlOD-hY6DA_oLAggBgAwB4g0TCJK_4P6FjoMDFVMq4AodpjkAR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_25D-TGpPUBAWR4O1xNq7jcYAtOnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:04:06 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 7223 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAEXwIK4CpTAAA5pvJ-xcPtc2ystgCzOw&u=%7CfIggBO8nGlRtljY3ku13fszvo6N29F8Y4K5iNtJtnB4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHuGKjdz1fdi8nNgSp1EOSdXdZo3cU26i5t3yx5zm_cO-f4XZplEB1ab-8jj_5Hkn0xb4fTYVVZX8uGLkAec2pSumvOk9qn0ZGbkXbhH4uJs3nSvfTg7S5-x_IgJ4FCV4l3e_IS-I1NeZSKazuqC-PN8LFWWcWf02vWauTFcugFC5jpQkB7VXJx5mwy6loAfHF-YA-lY8ZbmcZhJz7EbrVXMjS1vGDQ18-UK2-HqjRSbvKKRcoASTc5589cnJOz4jeDxmp-Qwl9a0CUt7XVBuxkbKi3_B2pF8yBFzVAY4tq1VxgyqYZiRJwrCbCbdrjuvfgfAHzRcJpdVvzqzrjcA_Ugv5_VtWtaZO4alH7p-Aj9XvjeDqD1fPTf_JmSiwYEjNXDnzTKrcRziYbmn6sq3b3fmJuD9UbHvZqztS2Kxmda29XCnDCn2Coag2Y2AAKsuLjrQ1-A-zNv5iasPPrvkwlcTs_9WETIts0ayh3EdrdUjsTmg1Pk-iKnUvxcXTxoSwiJn17JczNkhrUjp4Oj8-9J3tpnjTz853fEptwHu2rDVPHmJ0ukAQJvVWjY8umUkFA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzDZItH56ZYK-EdPUgAem84C4BMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg4NDI5NDQ3OTM5MTYzOMgBCakCVYKMewxDsj7gAgCoAwHIAwKqBKICT9D0fJ9sXmL88rUSmFPGcE7I1OPzXZ-oQJfI-V91m7g25btKQNcMXasE2d269zaFoDpaKemVODiHBbKwjWgAAm7F-Ssp1hzuquQcdYVyu_cb_bw2DdLf-l3NzrOEZhq-9VK9ujZ_augVuHQ0kOHf2hkrO8xG0fbH7TQglUgPkzX6MqNOH9OQTj33LmJRGxM6Cs5ETnjAGursD4g0YnfJ7KEam_x3ezH5FEJ8KZmkhqaEr83DC5a0mzB3tmzhXCzHaDkKO9X6_xG5hkjLvBK0H_U7qWe5L_qTy-ci0wsCpG0w2aCPEJrz2zttZpbI7sW3pd6XDoMdleT0HHxXuizXEpZpHGBBaledwrOMPJndxw_m0ciRqldt09GktlsGENS80qbgBAGABtfhwoCbzJ__a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljmlOD-hY6DA_oLAggBgAwB4g0TCJK_4P6FjoMDFVMq4AodpjkAR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_25D-TGpPUBAWR4O1xNq7jcYAtOnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:04:06 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame ED80 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ClgxOtH56ZfK5Gt-yx_APv662gAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvGE77NEQbI-4AIAqAMByAMCqgSmAk_QA7091AyLEmNhdUDcUQpO83uPRa2qyo8cZWnZO-VagikgzKW61zKDMpwUgpgvM2Sy-YpdEAgNlanN33Zb8STXXI5FRndyImx9Gd1Ddz8YOkl4IeutAx5V7VEs2h4OCwhTRTzR-Oy16Sc7mr48ctzuuMQOoahuGYyIkg7QXomAoGwz8xaidWuN_bylkO40R7Pnd4BRZRgEXk8X0qMtpcNH1BM8Y1Yw4prHES1SnUlXnY94jpNicmxnMS40-TEUG42d7YS1ZKRfOt_H6i771nUy_PpZycgnf_1bmnTD9Zae1k7XIyK3ZowNn2dzzwZ916qanLGH5r_vVTAxDhfo1n2d3u2PnlFMWOu66jmyIBT7KAuc8LamM1aadESJk11ITjPiTfhO4-AEAYAGjsPYz6rI_PswoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLuI4P6FjoMDgAoD-gsCCAGADAHiDRMIkbXg_oWOgwMVX9kRCB0_lw0Q0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=JdbATINmqmQ&uach_m=%5BUACH%5D&cid=CAQSGwAvHhf_m0no6MSdwVZg0vZ5H-YiYyrh7l-AfhgB&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame ED80 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k6SUDsY1oAHYBJ2DYgICAAAAAzYQzbKQ3ca_-dn-hfBvkRC0fnplaKrXNMgQklpH9AAAEgAACgpBUVVERHdFUER3&wp=ZXp-tAAGnPIIEdlfAA2XP0NSAlSToEY1HqDwCg&cbvp=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:05 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
114745
server
Kestrel
content-length
0
truncated
/ Frame 4F18 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e13803bc285d72ce8f9fa2dabce7e115a5f9dbfbc54d9cc891460817f01833c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame D3C2 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
733f3312d0a6ea385c56131985cad375dd697cfb4a810621a33269e67ea2ede3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137959
x-xss-protection
0
server
cafe
etag
6598756706873975757
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 04:04:06 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame E118 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
17113
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 23:18:53 GMT
etag
5585625838579639069
expires
Wed, 27 Dec 2023 23:18:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame D66E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzvcGtH56ZYK-EdPUgAem84C4BMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg4NDI5NDQ3OTM5MTYzOMgBCakCVYKMewxDsj7gAgCoAwHIAwKqBJ8CT9D0fJ9sXmL88rUSmFPGcE7I1OPzXZ-oQJfI-V91m7g25btKQNcMXasE2d269zaFoDpaKemVODiHBbKwjWgAAm7F-Ssp1hzuquQcdYVyu_cb_bw2DdLf-l3NzrOEZhq-9VK9ujZ_augVuHQ0kOHf2hkrO8xG0fbH7TQglUgPkzX6MqNOH9OQTj33LmJRGxM6Cs5ETnjAGursD4g0YnfJ7KEam_x3ezH5FEJ8KZmkhqaEr83DC5a0mzB3tmzhXCzHaDkKO9X6_xG5hkjLvBK0H_U7qWe5L_qTy-ci0wsCpG0w2aCPEJrz2zttZpbI7sW3pd6XDoMdleT0Xn52KKxEwqvPzEeb5nd0Zr2rNi_X6RdkZQCsDKXSzf28LpGSMD3gBAGABtfhwoCbzJ__a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljmlOD-hY6DA4AKA_oLAggBgAwB4g0TCJK_4P6FjoMDFVMq4AodpjkAR9AVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=W0kMM-qVlyo&uach_m=%5BUACH%5D&cid=CAQSGwAvHhf__qsX5Z9TbhaME1tQgh40NaaKZUhJlhgB&cbvp=2&vis=1
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame D66E 		0
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k_nHDsg12AVanYNiAgIAAAADNhDNspDdxr_52f6F8G-RELN-emVXGb-snj8h4aaDAAASAAAKCkFRVURBUUVCQVE&wp=ZXp-tAAEXwIK4CpTAAA5pvJ-xcPtc2ystgCzOw&cbvp=2
Requested by
Host: 63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:05 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
1835001
server
Kestrel
content-length
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 16DC 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00ec1365c05b2843c4e57ff0b5006e9501b19c4138d7d1286a7d42ab133b0d03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137955
x-xss-protection
0
server
cafe
etag
8860941966186872456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 04:04:06 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 4F18 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
733f3312d0a6ea385c56131985cad375dd697cfb4a810621a33269e67ea2ede3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137959
x-xss-protection
0
server
cafe
etag
6598756706873975757
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 04:04:06 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C4A9 		38 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646225&bpp=92&bdt=187&idt=311&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44798934%2C95320869%2C95320884%2C21065724&oid=2&pvsid=2436508085332411&tmod=2030218517&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9ipvc1nm3cv9&fsb=1&dtd=321
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05a284364a64ead151b487483b446008bbc55f6442f2026b733b195130ee866b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16185
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 04:04:06 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FCF1 		39 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646245&bpp=122&bdt=206&idt=313&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320238%2C44798934%2C44809004%2C44809531%2C95320870%2C95320885&oid=2&pvsid=3703292431370130&tmod=1559158266&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9391vdbwsmxe&fsb=1&dtd=322
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e5cb88fbc8fc34ff22d33431a645baaa710d7cffaefc56f0c930ee2cd4c7d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16474
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 04:04:06 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6617 		38 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646260&bpp=217&bdt=217&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=319204246&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079758%2C44798934%2C95320884&oid=2&pvsid=968190693314162&tmod=249582351&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6n9021wube53&fsb=1&dtd=370
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6501ef6afa473d94b041f6d2cd74a0c8ca3d3a7195d01469f7b84dd30abb4776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16256
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 04:04:06 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6617 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646260&bpp=217&bdt=217&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=319204246&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079758%2C44798934%2C95320884&oid=2&pvsid=968190693314162&tmod=249582351&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6n9021wube53&fsb=1&dtd=370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:50:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
40405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 16:50:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6617 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646260&bpp=217&bdt=217&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=319204246&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079758%2C44798934%2C95320884&oid=2&pvsid=968190693314162&tmod=249582351&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6n9021wube53&fsb=1&dtd=370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
51291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 13:49:15 GMT
l
www.google.com/ads/measurement/ Frame 6617 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1tTO88PliQEpnarA4188PJPj7elLc9z45I4k2vH0T2J1FPSHJOJanV9mLFIbopTPV1lZ4xQqbzUJkKBC_T0K695xEQQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646260&bpp=217&bdt=217&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=319204246&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079758%2C44798934%2C95320884&oid=2&pvsid=968190693314162&tmod=249582351&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6n9021wube53&fsb=1&dtd=370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6617 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646260&bpp=217&bdt=217&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=319204246&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079758%2C44798934%2C95320884&oid=2&pvsid=968190693314162&tmod=249582351&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6n9021wube53&fsb=1&dtd=370
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 04:04:06 GMT
dr
as.ad4m.at/ad/ Frame 3EEE 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jk5jx6jafrmkh2bsf40sp0c6vw4nwgszj12ckkxpnatxgfv7w88jpr3pt5zcaekv1z64c3rfabq3zq0qh2gtxf8405278acvtejdy6vkdtsa8nrxthrsfjjfjarypaqxtwwfbmks3c9qr4cjn8j8w562qn99ezqnkrtwjqp8z6bxz549hychams67xd0w1c5fw0sr7s2s13scpdm629vp6ry8kj39qr39064fpznysfeqwb45nj08dphzvtzwyq2es1wy90ace491a591ajmm99qse4r7esgjnjhxd1kjvymgqrxr7ym4r46fmd6g01evnqfgheemn67m9eb4s8dyf78839v0gfyj295r63tczp8yrk6qmcb6wngpzv4wjk9z1xn8hczeffq6z5tqmxbv3t5prx36h5tj4r9hxscb4bwwm29h9mwskpbtb3exs98tsty6wk&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%26client%3Dca-pub-5884294479391638%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646260&bpp=217&bdt=217&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=319204246&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079758%2C44798934%2C95320884&oid=2&pvsid=968190693314162&tmod=249582351&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6n9021wube53&fsb=1&dtd=370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9181ff262efd68e595579c86d71284dfe1a835033f184ced2edf59d93cfa4b24
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
83538f96ba641d9e-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 04:04:06 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 388C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646260&bpp=217&bdt=217&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=319204246&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079758%2C44798934%2C95320884&oid=2&pvsid=968190693314162&tmod=249582351&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6n9021wube53&fsb=1&dtd=370
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51276
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 13:49:30 GMT
etag
48472445140208031
expires
Thu, 14 Dec 2023 13:49:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FCF1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646245&bpp=122&bdt=206&idt=313&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320238%2C44798934%2C44809004%2C44809531%2C95320870%2C95320885&oid=2&pvsid=3703292431370130&tmod=1559158266&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9391vdbwsmxe&fsb=1&dtd=322
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:50:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
40405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 16:50:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FCF1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646245&bpp=122&bdt=206&idt=313&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320238%2C44798934%2C44809004%2C44809531%2C95320870%2C95320885&oid=2&pvsid=3703292431370130&tmod=1559158266&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9391vdbwsmxe&fsb=1&dtd=322
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
51291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 13:49:15 GMT
l
www.google.com/ads/measurement/ Frame FCF1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSm2PtHeN4Az-gmoQtOlKub8e-bRHuMULF2GJbaCHyvLv6twTVXmRwMSXrxIS1B4LvwwtJXO5FytRYA0efRGsX-bSdYtw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646245&bpp=122&bdt=206&idt=313&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320238%2C44798934%2C44809004%2C44809531%2C95320870%2C95320885&oid=2&pvsid=3703292431370130&tmod=1559158266&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9391vdbwsmxe&fsb=1&dtd=322
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FCF1 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646245&bpp=122&bdt=206&idt=313&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320238%2C44798934%2C44809004%2C44809531%2C95320870%2C95320885&oid=2&pvsid=3703292431370130&tmod=1559158266&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9391vdbwsmxe&fsb=1&dtd=322
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 04:04:06 GMT
dr
as.ad4m.at/ad/ Frame 052B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jhgwme0nne7nedpq6zn2w858kw9bbka32gsecjnn0h6mnvt0m7fd5h9zmn9j3qm904va6n1ny2j8vqn6s9xa2yepxh0fx4vb45pc7v6vhx2x41mrq3z3n8qs2e1v4p1q9p6mv4fx1enpwc3zwxzz0495ekpcqsymxtq1heygjqddcph9qp9jdee71kgxtdmvn3a0kdbpfn2gtwd52ajt7gaxdyws1epw0g63bmbx7cn4kcpren96kb9xpv79hk14re0nj3x29me9stzcahqpts8fm9jpys1atj9rkxe6t6qqwmyxt72f23a9c5fewkkby454vatbz6a1hzfk8wwfpz7xe02ky4611akx7a9tp7zgx41zd32dkhbjmez5c4t0wffcgag487rgnhd2f4k9n7441aeey8hrjn1yfwabyt8eeqkrjxf8j14sw023chp7vez3awrpr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4aS-tn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0wFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAZkMm3-_Aqsz8L03WAqmcQQhMsjID5QSvp_ufUdR8p6TA7ieCFQtGvWzgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3kvfMEbGzvHrrNVwyI9ZDPwm_SMA%26client%3Dca-pub-5884294479391638%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646245&bpp=122&bdt=206&idt=313&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320238%2C44798934%2C44809004%2C44809531%2C95320870%2C95320885&oid=2&pvsid=3703292431370130&tmod=1559158266&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9391vdbwsmxe&fsb=1&dtd=322
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a3e8c5c7c8d969a986dfecbcb818e0fd2aa306b7cf5e96c120378ff09043d1d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
83538f96ba651d9e-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 04:04:06 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1BB6 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646245&bpp=122&bdt=206&idt=313&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320238%2C44798934%2C44809004%2C44809531%2C95320870%2C95320885&oid=2&pvsid=3703292431370130&tmod=1559158266&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9391vdbwsmxe&fsb=1&dtd=322
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51276
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 13:49:30 GMT
etag
48472445140208031
expires
Thu, 14 Dec 2023 13:49:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6617 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2a666416f4bd544927375cc1fb0465d0519caf439ef9f1c472a6752816de9a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
current
dclk-match.dotomi.com/match/bounce/ Frame 388C 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBGapIoLlNnIBCGvBJ_QzYA&google_cver=1&google_push=AXcoOmQjbv3y0UjPUdCIVqDoLddcUQUicJrfBHRvx54tDgo5ShfqAxxfnzmcCRqOOd5db2IrclxDRyr8j6dK_mRdbNAsKqIMMeAE1A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646260&bpp=217&bdt=217&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=319204246&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079758%2C44798934%2C95320884&oid=2&pvsid=968190693314162&tmod=249582351&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6n9021wube53&fsb=1&dtd=370
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:06 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 388C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIe9msHnzRLJnZoUgTys2BE&google_push=AXcoOmQ7WSymfRHKXgqWEXV5vVWhYn7i9PselDrd-O55EbV00hA0gmLOEW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIe9msHnzRLJnZoUgTys2BE&google_push=AXcoOmQ7WSymfRHKXgqWEXV5vVWhYn7i9PselDrd-O55EbV00hA0gmLOEWMI2NDWW1z4syeFGc1AJDu7BhcbBbgGE13Gv9uSHdVLEQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646260&bpp=217&bdt=217&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=319204246&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079758%2C44798934%2C95320884&oid=2&pvsid=968190693314162&tmod=249582351&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6n9021wube53&fsb=1&dtd=370
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230061-FRA
pragma
no-cache
date
Thu, 14 Dec 2023 04:04:06 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1702526647.873221,VS0,VE99
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIe9msHnzRLJnZoUgTys2BE&google_push=AXcoOmQ7WSymfRHKXgqWEXV5vVWhYn7i9PselDrd-O55EbV00hA0gmLOEWMI2NDWW1z4syeFGc1AJDu7BhcbBbgGE13Gv9uSHdVLEQ
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 388C
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENjtdNhdKoTxcw6bTOre0LI&google_cver=1&google_push=AXcoOmS1m1prhHzldPxIfL02xhiv5EjYiXEjsl1VMtWZS2LNWk_ooC_enNi2uytjfP5FgWsjyxf3SxgUIc7...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS1m1prhHzldPxIfL02xhiv5EjYiXEjsl1VMtWZS2LNWk_ooC_enNi2uytjfP5FgWsjyxf3SxgUIc7geAHvamoHV29NNJm_yA&google_hm=XFQrzDilR2a06Sx8Yk...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS1m1prhHzldPxIfL02xhiv5EjYiXEjsl1VMtWZS2LNWk_ooC_enNi2uytjfP5FgWsjyxf3SxgUIc7geAHvamoHV29NNJm_yA&google_hm=XFQrzDilR2a06Sx8YkG5lE0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646260&bpp=217&bdt=217&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=319204246&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079758%2C44798934%2C95320884&oid=2&pvsid=968190693314162&tmod=249582351&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6n9021wube53&fsb=1&dtd=370
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:06 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS1m1prhHzldPxIfL02xhiv5EjYiXEjsl1VMtWZS2LNWk_ooC_enNi2uytjfP5FgWsjyxf3SxgUIc7geAHvamoHV29NNJm_yA&google_hm=XFQrzDilR2a06Sx8YkG5lE0
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 388C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBfWVDFENTnVpyentCxjqW8&google_cver=1&google_push=AXcoOmTh6UUbxB4FRHL__5349aemuHe8Ya3lgSOnx8Zm9DflGIxhKF-xL24MUjp1W4_-JkPScCitdqutAvI7iJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMjI5NjI2NTE1Mjk4NTIzMg%3D%3D&google_push=AXcoOmTh6UUbxB4FRHL__5349aemuHe8Ya3lgSOnx8Zm9DflGIxhKF-xL24MUjp1W4_-JkPScCitdqutAvI7iJoGNs...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMjI5NjI2NTE1Mjk4NTIzMg%3D%3D&google_push=AXcoOmTh6UUbxB4FRHL__5349aemuHe8Ya3lgSOnx8Zm9DflGIxhKF-xL24MUjp1W4_-JkPScCitdqutAvI7iJoGNsGy46GcIzIUWA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646260&bpp=217&bdt=217&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=319204246&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079758%2C44798934%2C95320884&oid=2&pvsid=968190693314162&tmod=249582351&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6n9021wube53&fsb=1&dtd=370
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMjI5NjI2NTE1Mjk4NTIzMg%3D%3D&google_push=AXcoOmTh6UUbxB4FRHL__5349aemuHe8Ya3lgSOnx8Zm9DflGIxhKF-xL24MUjp1W4_-JkPScCitdqutAvI7iJoGNsGy46GcIzIUWA
Date
Thu, 14 Dec 2023 04:04:06 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 388C
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAxBsctflEcNGgHdUB6qk9c&google_cver=1&google_push=AXcoOmSkSKjefVidyettfQOdDZJ0mnIA0Eigv4EFSTmw4wA4c2EWojbNXg_i6nGc43vO9G3tbR9mdJ9qpqUY...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSkSKjefVidyettfQOdDZJ0mnIA0Eigv4EFSTmw4wA4c2EWojbNXg_i6nGc43vO9G3tbR9mdJ9qpqUYdUCg1sbIPYtguZ9A
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSkSKjefVidyettfQOdDZJ0mnIA0Eigv4EFSTmw4wA4c2EWojbNXg_i6nGc43vO9G3tbR9mdJ9qpqUYdUCg1sbIPYtguZ9A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646260&bpp=217&bdt=217&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=319204246&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079758%2C44798934%2C95320884&oid=2&pvsid=968190693314162&tmod=249582351&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6n9021wube53&fsb=1&dtd=370
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSkSKjefVidyettfQOdDZJ0mnIA0Eigv4EFSTmw4wA4c2EWojbNXg_i6nGc43vO9G3tbR9mdJ9qpqUYdUCg1sbIPYtguZ9A
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync.smartadserver.com/api/ Frame 388C 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECCBuXDZzta_OyZVcL416Xc&google_cver=1&google_push=AXcoOmTbe0nFiTnEpASAV0mPsLh_mCd_C6PhIXUlASZytPLBu1_K5xBeYSLZuVFoYqTxQzdmbFAAl8n4DayX5PujZJEPpN-qCYG8dA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646260&bpp=217&bdt=217&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=319204246&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079758%2C44798934%2C95320884&oid=2&pvsid=968190693314162&tmod=249582351&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6n9021wube53&fsb=1&dtd=370
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.100 , France, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-5-135-209.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-length
0
/
onetag-sys.com/match/ Frame 388C
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAxBsctflEcNGgHdUB6qk9c&google_cver=1&google_push=AXcoOmQIzfdjHeimqMaodus5GdwnmLZoaVQ2ic-2dM8xJGmTewUkkGhWBTbu6lE8CK8Z05kNIXK_84WeoDW...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQIzfdjHeimqMaodus5GdwnmLZoaVQ2ic-2dM8xJGmTewUkkGhWBTbu6lE8CK8Z05kNIXK_84WeoDWXUNgkCOQbNr5x4OACXA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646260&bpp=217&bdt=217&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=319204246&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079758%2C44798934%2C95320884&oid=2&pvsid=968190693314162&tmod=249582351&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6n9021wube53&fsb=1&dtd=370
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 388C 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGwZO41NXBoacfGMnSL83QAPjZhk9KZrV_uD_FAXq3QZYaoCrDL260npwhL8cR4foV0JAA4Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646260&bpp=217&bdt=217&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=319204246&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079758%2C44798934%2C95320884&oid=2&pvsid=968190693314162&tmod=249582351&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6n9021wube53&fsb=1&dtd=370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 1BB6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBNyvHrjLeuX9e5-D8-8NIs&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBNyvHrjLeuX9e5-D8-8NIs&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=alFCMzVNRFYxUmRDWGM1&google_gid=CAESEBNyvHrjLeuX9e5-D8-8NIs&google_cver=1&google_push=AXcoOmTl5lKKaEJAXKM3f7hKNHa0MBGvgI0RiSrksdjDGp1...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=alFCMzVNRFYxUmRDWGM1&google_gid=CAESEBNyvHrjLeuX9e5-D8-8NIs&google_cver=1&google_push=AXcoOmTl5lKKaEJAXKM3f7hKNHa0MBGvgI0RiSrksdjDGp1jGLHnvjdzebGlHUqfxDJJt3ABnLlpYLgxUZPC6A9j1izQapQXtqztNw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646245&bpp=122&bdt=206&idt=313&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320238%2C44798934%2C44809004%2C44809531%2C95320870%2C95320885&oid=2&pvsid=3703292431370130&tmod=1559158266&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9391vdbwsmxe&fsb=1&dtd=322
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 04:04:06 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=alFCMzVNRFYxUmRDWGM1&google_gid=CAESEBNyvHrjLeuX9e5-D8-8NIs&google_cver=1&google_push=AXcoOmTl5lKKaEJAXKM3f7hKNHa0MBGvgI0RiSrksdjDGp1jGLHnvjdzebGlHUqfxDJJt3ABnLlpYLgxUZPC6A9j1izQapQXtqztNw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 1BB6
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEE6rtihE4j_Lk1REIZovNGM&google_cver=1&google_push=AXcoOmRJXjuPFVj3J5YSYaTkIBBUVEvZfiuqpmzvFxKOXvmcTEdrmClyeQgfbSWnrr_Fw55HPsT_v-qgpM1DDcB_aHMWNc-IdUhEU...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE6rtihE4j_Lk1REIZovNGM&google_cver=1&google_push=AXcoOmRJXjuPFVj3J5YSYaTkIBBUVEvZfiuqpmzvFxKOXvmcTEdrmClyeQgfbSWnrr_Fw55HPsT_v-qgpM1DDcB_aHMWNc-IdUh...
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE6rtihE4j_Lk1REIZovNGM&google_cver=1&google_push=AXcoOmRJXjuPFVj3J5YSYaTkIBBUVEvZfiuqpmzvFxKOXvmcTEdrmClyeQgfbSWnrr_Fw55HPsT_v-qgpM1DDcB_aHMWNc-IdUhEUw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRJXjuPFVj3J5YSYaTkIBBUVEvZfiuqpmzvFxKOXvmcTEdrmClyeQgfbSWnrr_Fw55HPsT_v-qgpM1DDcB_aHMWNc-IdUhEUw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:07 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83538f97f844913a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:07 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
350
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE6rtihE4j_Lk1REIZovNGM&google_cver=1&google_push=AXcoOmRJXjuPFVj3J5YSYaTkIBBUVEvZfiuqpmzvFxKOXvmcTEdrmClyeQgfbSWnrr_Fw55HPsT_v-qgpM1DDcB_aHMWNc-IdUhEUw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRJXjuPFVj3J5YSYaTkIBBUVEvZfiuqpmzvFxKOXvmcTEdrmClyeQgfbSWnrr_Fw55HPsT_v-qgpM1DDcB_aHMWNc-IdUhEUw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83538f96ff84913a-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1BB6
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDkSfdp8M1CPeCh3vXkka3Y&google_cver=1&google_push=AXcoOmRVA0meHu6Wx0tpsIe29mH4QW1QOEj91hjolKpufRJ92tQoC4KbCziBm17WNCwgARi_tJ0IPva-6w0RUe_z...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7u-UIWr1RwQMMSBFlzi0Ow&google_push=AXcoOmRVA0meHu6Wx0tpsIe29mH4QW1QOEj91hjolKpufRJ92tQoC4KbCziBm17WNCwgARi_tJ0IPva-6w0RUe_zlPUnYnIZNO6FMw
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7u-UIWr1RwQMMSBFlzi0Ow&google_push=AXcoOmRVA0meHu6Wx0tpsIe29mH4QW1QOEj91hjolKpufRJ92tQoC4KbCziBm17WNCwgARi_tJ0IPva-6w0RUe_zlPUnYnIZNO6FMw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646245&bpp=122&bdt=206&idt=313&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320238%2C44798934%2C44809004%2C44809531%2C95320870%2C95320885&oid=2&pvsid=3703292431370130&tmod=1559158266&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9391vdbwsmxe&fsb=1&dtd=322
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 14 Dec 2023 04:04:06 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7u-UIWr1RwQMMSBFlzi0Ow&google_push=AXcoOmRVA0meHu6Wx0tpsIe29mH4QW1QOEj91hjolKpufRJ92tQoC4KbCziBm17WNCwgARi_tJ0IPva-6w0RUe_zlPUnYnIZNO6FMw
x-host
tde-deliveryengine-production-5945689648-lcjpp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
-
s.ad.smaato.net/c/n/// Frame 1BB6 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAPv6aJNI9KxvxxHX0WJnkc&google_cver=1&google_push=AXcoOmTjmOo5X5iiGdqa6SmOyirWOwTToixOsqkoU1HAJhUfbF_JtLxHKeye2WiDtkchweN5Dss0CRe-eNmGjJMMypAwHvENnhbOCg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646245&bpp=122&bdt=206&idt=313&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320238%2C44798934%2C44809004%2C44809531%2C95320870%2C95320885&oid=2&pvsid=3703292431370130&tmod=1559158266&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9391vdbwsmxe&fsb=1&dtd=322
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:f200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
cache-control
no-cache, must-revalidate
via
1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P2
x-amz-cf-id
KYPOPFSLyZvesa-lN-_uWaz0yDZT_vifuzwVcGNRYAwdZlx9XbEm4g==
x-cache
Miss from cloudfront
pixel
cm.g.doubleclick.net/ Frame 1BB6
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED3UJ7dx1S7pl2PhdA3qaf0&google_cver=1&google_push=AXcoOmTuQDnoO2ALAgFIBRC8CgLTQ7Z23RDmieSARKLLJ-ALuC9d5n_6zbUMvJ0a1RsIuIeGZX_v70JNcqUVu9rPB8wAo9nyZI...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTuQDnoO2ALAgFIBRC8CgLTQ7Z23RDmieSARKLLJ-ALuC9d5n_6zbUMvJ0a1RsIuIeGZX_v70JNcqUVu9rPB8wAo9nyZI6...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAzNTA5OTMxNDQzNjg0MjQ4NTE3Mg%3D%3D&google_push=AXcoOmTuQDnoO2ALAgFIBRC8CgLTQ7Z23RDmieSARKLLJ-ALuC9d5n_6...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAzNTA5OTMxNDQzNjg0MjQ4NTE3Mg%3D%3D&google_push=AXcoOmTuQDnoO2ALAgFIBRC8CgLTQ7Z23RDmieSARKLLJ-ALuC9d5n_6zbUMvJ0a1RsIuIeGZX_v70JNcqUVu9rPB8wAo9nyZI6d0Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646245&bpp=122&bdt=206&idt=313&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320238%2C44798934%2C44809004%2C44809531%2C95320870%2C95320885&oid=2&pvsid=3703292431370130&tmod=1559158266&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9391vdbwsmxe&fsb=1&dtd=322
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAzNTA5OTMxNDQzNjg0MjQ4NTE3Mg%3D%3D&google_push=AXcoOmTuQDnoO2ALAgFIBRC8CgLTQ7Z23RDmieSARKLLJ-ALuC9d5n_6zbUMvJ0a1RsIuIeGZX_v70JNcqUVu9rPB8wAo9nyZI6d0Q
date
Thu, 14 Dec 2023 04:04:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame 1BB6 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECCBuXDZzta_OyZVcL416Xc&google_cver=1&google_push=AXcoOmSpjnEL3Y3i44l0uVbIHWmCyG1iXJisF59MY98JSt2tpQ_x9MlPDzNZbqE6KMjnU6v7dBWY0N-i93U-sJ26ihF9MU0MsOF-4Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646245&bpp=122&bdt=206&idt=313&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320238%2C44798934%2C44809004%2C44809531%2C95320870%2C95320885&oid=2&pvsid=3703292431370130&tmod=1559158266&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9391vdbwsmxe&fsb=1&dtd=322
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.100 , France, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-5-135-209.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-length
0
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 1BB6 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEHFtYslOAfZlwln38QtGY10&google_cver=1&google_push=AXcoOmTWEEC88T1DZeulgul9NLcJJXjXZzb0gFBgPETkq7aTd4CjvcHt3Pi8cqADEpXhuvkk9LqMbXy5ROCP7KT8j-uPx-S3JNWV-n4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646245&bpp=122&bdt=206&idt=313&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320238%2C44798934%2C44809004%2C44809531%2C95320870%2C95320885&oid=2&pvsid=3703292431370130&tmod=1559158266&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9391vdbwsmxe&fsb=1&dtd=322
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.171.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-171-137.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 1BB6 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYyoRQM65e1CgwX0GwUbmQ1cG8fSohg4S9QuVOflCysNXr_bByiO3UIBQCYXOuack_ODJdJA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646245&bpp=122&bdt=206&idt=313&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320238%2C44798934%2C44809004%2C44809531%2C95320870%2C95320885&oid=2&pvsid=3703292431370130&tmod=1559158266&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9391vdbwsmxe&fsb=1&dtd=322
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 3EEE 		115 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jk5jx6jafrmkh2bsf40sp0c6vw4nwgszj12ckkxpnatxgfv7w88jpr3pt5zcaekv1z64c3rfabq3zq0qh2gtxf8405278acvtejdy6vkdtsa8nrxthrsfjjfjarypaqxtwwfbmks3c9qr4cjn8j8w562qn99ezqnkrtwjqp8z6bxz549hychams67xd0w1c5fw0sr7s2s13scpdm629vp6ry8kj39qr39064fpznysfeqwb45nj08dphzvtzwyq2es1wy90ace491a591ajmm99qse4r7esgjnjhxd1kjvymgqrxr7ym4r46fmd6g01evnqfgheemn67m9eb4s8dyf78839v0gfyj295r63tczp8yrk6qmcb6wngpzv4wjk9z1xn8hczeffq6z5tqmxbv3t5prx36h5tj4r9hxscb4bwwm29h9mwskpbtb3exs98tsty6wk&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jk5jx6jafrmkh2bsf40sp0c6vw4nwgszj12ckkxpnatxgfv7w88jpr3pt5zcaekv1z64c3rfabq3zq0qh2gtxf8405278acvtejdy6vkdtsa8nrxthrsfjjfjarypaqxtwwfbmks3c9qr4cjn8j8w562qn99ezqnkrtwjqp8z6bxz549hychams67xd0w1c5fw0sr7s2s13scpdm629vp6ry8kj39qr39064fpznysfeqwb45nj08dphzvtzwyq2es1wy90ace491a591ajmm99qse4r7esgjnjhxd1kjvymgqrxr7ym4r46fmd6g01evnqfgheemn67m9eb4s8dyf78839v0gfyj295r63tczp8yrk6qmcb6wngpzv4wjk9z1xn8hczeffq6z5tqmxbv3t5prx36h5tj4r9hxscb4bwwm29h9mwskpbtb3exs98tsty6wk&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
595370
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hu4RUF7Ufh8uLyLeificAthgXFXZTde0PAY1aeHMPVDuYpZK3wBMM5y%2Bobf%2F74krzwFx1OFcaqGx9R4EwP%2BVKZscJWCpTValqFzc3XJa%2Bg71hLbe%2BZq4IutkRavdCq6RxcdKzbsiKDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
83538f970ab41d9e-FRA
expires
Fri, 15 Dec 2023 04:04:06 GMT
r62eglto.js
ad4m.at/ Frame 3EEE 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jk5jx6jafrmkh2bsf40sp0c6vw4nwgszj12ckkxpnatxgfv7w88jpr3pt5zcaekv1z64c3rfabq3zq0qh2gtxf8405278acvtejdy6vkdtsa8nrxthrsfjjfjarypaqxtwwfbmks3c9qr4cjn8j8w562qn99ezqnkrtwjqp8z6bxz549hychams67xd0w1c5fw0sr7s2s13scpdm629vp6ry8kj39qr39064fpznysfeqwb45nj08dphzvtzwyq2es1wy90ace491a591ajmm99qse4r7esgjnjhxd1kjvymgqrxr7ym4r46fmd6g01evnqfgheemn67m9eb4s8dyf78839v0gfyj295r63tczp8yrk6qmcb6wngpzv4wjk9z1xn8hczeffq6z5tqmxbv3t5prx36h5tj4r9hxscb4bwwm29h9mwskpbtb3exs98tsty6wk&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 09:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
67757
etag
W/"aa3e81d21ff1f0e18f4862e53a794952"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtz7iDVtiovMXMhgKYo0igr8rPg7Pf5L7%2BU4zEu6u1X3V1ODKHvevHwGzS%2FQum7clGKj2Uffg8Z0GD%2FyOIIAojRHQXPxfYa786DxMT%2FNNMWM1Izgh4feEn1UPmlVJ%2F0VKr3zAcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
83538f970ab51d9e-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 13 Dec 2023 09:14:49 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 052B 		115 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jhgwme0nne7nedpq6zn2w858kw9bbka32gsecjnn0h6mnvt0m7fd5h9zmn9j3qm904va6n1ny2j8vqn6s9xa2yepxh0fx4vb45pc7v6vhx2x41mrq3z3n8qs2e1v4p1q9p6mv4fx1enpwc3zwxzz0495ekpcqsymxtq1heygjqddcph9qp9jdee71kgxtdmvn3a0kdbpfn2gtwd52ajt7gaxdyws1epw0g63bmbx7cn4kcpren96kb9xpv79hk14re0nj3x29me9stzcahqpts8fm9jpys1atj9rkxe6t6qqwmyxt72f23a9c5fewkkby454vatbz6a1hzfk8wwfpz7xe02ky4611akx7a9tp7zgx41zd32dkhbjmez5c4t0wffcgag487rgnhd2f4k9n7441aeey8hrjn1yfwabyt8eeqkrjxf8j14sw023chp7vez3awrpr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4aS-tn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0wFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAZkMm3-_Aqsz8L03WAqmcQQhMsjID5QSvp_ufUdR8p6TA7ieCFQtGvWzgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3kvfMEbGzvHrrNVwyI9ZDPwm_SMA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jhgwme0nne7nedpq6zn2w858kw9bbka32gsecjnn0h6mnvt0m7fd5h9zmn9j3qm904va6n1ny2j8vqn6s9xa2yepxh0fx4vb45pc7v6vhx2x41mrq3z3n8qs2e1v4p1q9p6mv4fx1enpwc3zwxzz0495ekpcqsymxtq1heygjqddcph9qp9jdee71kgxtdmvn3a0kdbpfn2gtwd52ajt7gaxdyws1epw0g63bmbx7cn4kcpren96kb9xpv79hk14re0nj3x29me9stzcahqpts8fm9jpys1atj9rkxe6t6qqwmyxt72f23a9c5fewkkby454vatbz6a1hzfk8wwfpz7xe02ky4611akx7a9tp7zgx41zd32dkhbjmez5c4t0wffcgag487rgnhd2f4k9n7441aeey8hrjn1yfwabyt8eeqkrjxf8j14sw023chp7vez3awrpr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4aS-tn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0wFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAZkMm3-_Aqsz8L03WAqmcQQhMsjID5QSvp_ufUdR8p6TA7ieCFQtGvWzgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3kvfMEbGzvHrrNVwyI9ZDPwm_SMA%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
595370
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I259kyZAR%2BMAXE4onREe%2F%2ByEzrINqIGZiV8kod5v%2FLy%2FSLqMk5%2BHU56YII8SD8H3R4Poa4JtQPA8jbJqzpeVwZpcMOjRA8uVYYndOVqZyMooy4vHxFUyB%2FvGVlwucdymm2XcviPO15U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
83538f971ab81d9e-FRA
expires
Fri, 15 Dec 2023 04:04:06 GMT
r62eglto.js
ad4m.at/ Frame 052B 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jhgwme0nne7nedpq6zn2w858kw9bbka32gsecjnn0h6mnvt0m7fd5h9zmn9j3qm904va6n1ny2j8vqn6s9xa2yepxh0fx4vb45pc7v6vhx2x41mrq3z3n8qs2e1v4p1q9p6mv4fx1enpwc3zwxzz0495ekpcqsymxtq1heygjqddcph9qp9jdee71kgxtdmvn3a0kdbpfn2gtwd52ajt7gaxdyws1epw0g63bmbx7cn4kcpren96kb9xpv79hk14re0nj3x29me9stzcahqpts8fm9jpys1atj9rkxe6t6qqwmyxt72f23a9c5fewkkby454vatbz6a1hzfk8wwfpz7xe02ky4611akx7a9tp7zgx41zd32dkhbjmez5c4t0wffcgag487rgnhd2f4k9n7441aeey8hrjn1yfwabyt8eeqkrjxf8j14sw023chp7vez3awrpr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4aS-tn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0wFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAZkMm3-_Aqsz8L03WAqmcQQhMsjID5QSvp_ufUdR8p6TA7ieCFQtGvWzgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3kvfMEbGzvHrrNVwyI9ZDPwm_SMA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 09:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
67757
etag
W/"aa3e81d21ff1f0e18f4862e53a794952"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Wpe0txJRWCzhEdUOXiIhB8xvq4AP3j7QU1T5o0AwXW2Am99vyp1mLbThSaP6RzFFeUk75FLMSUxCqUxFvIPrva2pPGnuwxZBYTR8GWNvlggHGe2mR2ttBgQcpP%2Bu%2Bv3BblGZJY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
83538f971ab91d9e-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 13 Dec 2023 09:14:49 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 3EEE 		350 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2043893
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CsHfNq6drQ0LV21rVmnFezKazDLR3wFVEWiyUssDZ6NWRsqN6Hju%2BPN%2BO0oK6MdLTsRq%2Bf%2FTGqDCjEJdnsoskqTn8DJXYQqIuxksFCugO9mVQVT36GvYCE6wR%2BBDGilXD9qV0wyTLDk6nMsN244CKVR%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
83538f9759cf36df-FRA
expires
Tue, 19 Nov 2024 11:23:05 GMT
cookie-frame.html
ad4m.at/ Frame A14B 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1341959
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
83538f973c8c3673-FRA
content-encoding
br
content-language
en
content-type
text/html
date
Thu, 14 Dec 2023 04:04:06 GMT
expires
Tue, 28 Nov 2023 16:18:07 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Goql%2FTJLWcbbDKu3eE3OE0VG7WS5y4g%2FIhRNJx9I1OJEarLgVFHCh3V6T94BAImFXy6CSkH5fHjGKCthdky94uZxG93l9ni1eNMlb70EkpRj2IybQAKYBo9vpktntl68e6G0BlE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
adview
googleads.g.doubleclick.net/pagead/ Frame FCF1 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C93dUtn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0AFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAdsOuu1o-yxzODp_ztDv4_YYJsJlBboKYx8sNNWpZoC_G21ClxTlgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMDgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=sV4fLev6oSY&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_HK1Y_jhT0bqQlH9ycBkeXj-7YM68rT8hA-cSFFRUhV415PSNGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646245&bpp=122&bdt=206&idt=313&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320238%2C44798934%2C44809004%2C44809531%2C95320870%2C95320885&oid=2&pvsid=3703292431370130&tmod=1559158266&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9391vdbwsmxe&fsb=1&dtd=322
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646245&bpp=122&bdt=206&idt=313&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320238%2C44798934%2C44809004%2C44809531%2C95320870%2C95320885&oid=2&pvsid=3703292431370130&tmod=1559158266&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9391vdbwsmxe&fsb=1&dtd=322
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 14 Dec 2023 04:04:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame FCF1 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1h3bzc8k1hzq5tr1479qsdk4d1mr3tc399t1g14rmbqy1ymxreck4wbhg6tjnzt2vkqfp3gpjw1ntrzwcxqrtwns4z8yaekvqmv2phg0gbjxn6rbhjbp8q8863bpzsr4bh7at2n4ewhh9v34hk2cvtg73avx53n65prb3et481srj8h8wfz5ecbhk4w3p9vktvytgfertgyk66ff1074g6qkh82mbq2c8sczzebm58mgkx0rp33r772x6j0qryx9qv2dxs6qvb9s3qwj58pyv5cja8nk9k9tt2zpxsqcvcz31vf8mr7pt1pj83b9k1esyp8t3ffmt7j38ttqeyvbw92j2jk10ygkgbxweym658n9nvmv4ad9wt5n3aywr1qv8wrk7xmzdsn2hf8&b=ZXp-tgAI-DAIVSfsAAHn7EQojTL_ZM16KcG9_g&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646245&bpp=122&bdt=206&idt=313&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C95320238%2C44798934%2C44809004%2C44809531%2C95320870%2C95320885&oid=2&pvsid=3703292431370130&tmod=1559158266&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9391vdbwsmxe&fsb=1&dtd=322
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Dec 2023 04:04:06 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
cookie-frame.html
ad4m.at/ Frame E748 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1341959
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
83538f974c903673-FRA
content-encoding
br
content-language
en
content-type
text/html
date
Thu, 14 Dec 2023 04:04:06 GMT
expires
Tue, 28 Nov 2023 16:18:07 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nROAkZ0jXm74TIPMNOn2yYMuIBKkerHspMoHFXqEmQFlmOxY6GzhVdAiCm7ZrK9YaulRMkblEuJzKdsrNFH4wA2fN0OLPL3t6G7AMgPEfEte%2F5Des243C25n%2B%2Bi4Bhuu9fknAk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83538f976b863a52-FRA
content-length
24
content-type
text/plain
date
Thu, 14 Dec 2023 04:04:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDATg76mclPs3qbkKkqsWuC8KO23iA11BMFPXrPTRhPAmbi8h8RuyvY43BKf7o7PP%2BCHbaXbEcljU%2FlPDmLy45mEARp5DvccYe0vb1Wk21HQYF5qCS1r1PSSqoOuNPlmmw7lb8Y%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-j4nw
rs
ad4m.at/ Frame 3EEE 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
113ff679141f98d89db362ed4e7a4b73ffb168a5401d01d58bc462076352bc18

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQxo89Gye5S553QIqtXiwqg4OC4PJr2IItlIGlIuIagVfjbNT39q%2FzWYc81OU3uaFc8nH%2FjfaHGautRGrJzYXiXcPqB48SGCefGQ5VlIwA%2BK4dk4xTgGSHdRHR7yCsJ87d5PI54%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
83538f979ba13a52-FRA
x-backend-server
aa-reachservice-group-europe-west1-j4nw
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83538f976b873a52-FRA
content-length
24
content-type
text/plain
date
Thu, 14 Dec 2023 04:04:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opHykCuFona6EQT4p%2B%2F%2By%2Ffq%2F6KWHcyGO2fuKR3s7IDYXuG6BqcWDE%2Fbq2AB0jxxcR5Kwm4l7YNhy%2BF0wQ7bvs2bgqk5aK6LVfyYLeRx%2FsHppCJ9t2SJ8zgL7121D1l3wSClOcs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-j4nw
rs
ad4m.at/ Frame 052B 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d936ec43448ad6ab0052192eb00d9d4d37efec2a694e569d93b12e5421b71c30

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMkwEBbIdKU9V%2F7q19YZaB0x%2FN2hE1HDAHgBQvjOajJQmVYwvN8XANMNVFXj28y7nvxqmmrylwLX3sYJbQapEj2a9GMlCclgovy9IJZGJ1xQ5GVIl3K%2FWdQdKHODzerE1kUi2s4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
83538f979b9f3a52-FRA
x-backend-server
aa-reachservice-group-europe-west1-j4nw
alt-svc
h3=":443"; ma=86400
adview
googleads.g.doubleclick.net/pagead/ Frame 6617 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CpHW3tn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTMAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRpB6yEw2vOqEgNtpN8pLFEW_QDdHJJETBdZmKQIltWiEDYFbJA7qIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA4AKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=c2r5MvlOkJ8&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_rv7gRCAzfWwwT9_Lp-DQYC9Z56YbmrKDXmZYdAjwyLjzRyY-GAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646260&bpp=217&bdt=217&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=319204246&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079758%2C44798934%2C95320884&oid=2&pvsid=968190693314162&tmod=249582351&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6n9021wube53&fsb=1&dtd=370
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646260&bpp=217&bdt=217&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=319204246&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079758%2C44798934%2C95320884&oid=2&pvsid=968190693314162&tmod=249582351&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6n9021wube53&fsb=1&dtd=370
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 14 Dec 2023 04:04:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 6617 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gphtwm6k3gfvy4bjn3gyavgnjy04xvwx5vpkte2hk89qtx0e0ng7py4m47bpkj5qgzr060dbt3ye32w0ch1cdyxfb0q44qpgb22ajgbwyjjfpja9y5q4t4jgqxxy3end2cr64snj6v74hy2ygnvfz1298smep77r95fjstr9rqq685rtmca2ay9r1gj8p52wecgggc5qywez6d15dd53sx7ewqpw9wqpz1q056t96qw3xr8mm8qxfa7p9per0w34fa5m5w3p1qd47edd14j6d4mnpf8ftgwf11qgnwxt3awrkb8177d62se4pdpdaqhhbehr20pmv73wtryb868qkaqw7vrbrh20c6j5prrq2pdbep5gpr8s42yy20e2kxjfqqtf441vs5qqr0&b=ZXp-tgAJ2CsK4DEIAArDbsKJZKediP9CK5p_Mw&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646260&bpp=217&bdt=217&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=319204246&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079758%2C44798934%2C95320884&oid=2&pvsid=968190693314162&tmod=249582351&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6n9021wube53&fsb=1&dtd=370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Dec 2023 04:04:06 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 16DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUWwhm_qPNNVmEjOM-s-8YpMi-BBnBJH_mlPg1nZsbSCq6N66I5J-QtbcMaeNfxtI9uZk5HqpW-eto7QcgQlrXbTO5JPBShz8K7BHE_uHwEnt2s4HLB493Ei7ob6dMQXND33eUyFM9XLm-StJ4XgOv4zCniK6WXA9_BnQ6rcHK6zhK2BMrVxBG1zwNod-7_p8hqw2VqOByTNd7Kv_VUd1NlHXn2mzFL7akTgP1UXJsPQZJX2bLlEvcFWcVN4Z1ICl4MjmcFM53js-KMWR2RHg7IMj3E2X8mMNPPxXfWpRJ70oc-BasvdF1RGgrWoyQhDSqWgV7xxi2aktlAnttopm15DtAN2HxQktyeLrl7JGZ-MZ_lNU06cz3s-gN4SIuN9Wnlzp5SOz_6AYpxclik8I&sai=AMfl-YSb3DCzOGfNAGFjiqNJEwxyScipUYEyXGGimnGw6DhIk2C6-FWSshKxse0AR3GLlJLKN_nTLc3BeTWA24M&sig=Cg0ArKJSzK5NvcbKpbCAEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 14 Dec 2023 04:04:07 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 16DC 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
384a129e7eafe62f1a1b734f6d265aa9b5c547f6538f0abb414953e5908c7714
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12388
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C4A9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646225&bpp=92&bdt=187&idt=311&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44798934%2C95320869%2C95320884%2C21065724&oid=2&pvsid=2436508085332411&tmod=2030218517&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9ipvc1nm3cv9&fsb=1&dtd=321
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 16:50:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
40405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 16:50:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C4A9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646225&bpp=92&bdt=187&idt=311&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44798934%2C95320869%2C95320884%2C21065724&oid=2&pvsid=2436508085332411&tmod=2030218517&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9ipvc1nm3cv9&fsb=1&dtd=321
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
51291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 13:49:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C4A9 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646225&bpp=92&bdt=187&idt=311&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44798934%2C95320869%2C95320884%2C21065724&oid=2&pvsid=2436508085332411&tmod=2030218517&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9ipvc1nm3cv9&fsb=1&dtd=321
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 04:04:06 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 3C6C 		136 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tgAIjFQIEdFEAAcf8vtYsSv0vgvxibZ9jQ&u=%7CrwJTjelPBQIcNUDik4peS8A8da4450RLAcztEip4BeI%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-ACIw9DUizGULWeZaTqmKJN44gLYxkfjQ-SLB08AH7TrwdUhbRDxlbXXSXFQUHo-B9dhtI935kEm2Wg5Tjad07e5bbayj6YcpQsM78i2ixWze-APTg6RlsS72ZTyjFOd9Hw3M_HGfQR16vIPSq7QBI-IdJgDfOR3t-nhMaaA71jZ8brx20rgO0FIuCpB884i_xe6fFpC6_RXUNN7CQl1LyCjQiboDL4FywCXqPclCxlR1QUmcX_tVNYz5gXnvWFJIGRcW7IZzttNgwrthAdwtGg3Q7mpFSsQarLpEQK0PqWwXD8QxzSzM97bJQFAsT0AjF5NlQX_AFzmWQ27nu7XuJejMj4jeoIylIYJFhKwW9CK3vBRNqIli6rBDypatbDiClP4CAaNHxd4Zcdy4XGB2njo3CFsShIGkZbUDGCS7zdRgZ-tnlR8sf8ew7Mg62-dRQrQd-rec5Ku1ZWQuI_vTBcwzCsffM7yHqLnYD7Yo4bYYYP38lXLospSoRkERgxnWftHgNPM-WnMoj8pMs3xS9H1vXFwAnVlaIVLjn32swvQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEwBetn56ZdSYIsSix_AP8r-c8AfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTRAU_QUt3AmTOtMLQUB7hSXvOsof4zB_ob6ys5oLEyNp62QVjTjtiGBJt8RyXaIaT0bugHNRngl-ZrM1lMnqMpyYMyQwg_wsqTA09KkUvoP83Qk1KpEzBJAlacNyu-YMh5mJFjGk3l4hWUMGygGlueUipMFhHxEjbZDkCkjc7nzco8ccEU_J6mxPY7qf67t4wVLCMjQqtIhUGWn5ad2eChdQ4gPcAveRAiWuuXZm0SsLcD8xQHIryPvmCRRt5PCEvvrki4FmSRH-axz_Uv-xgnBX-GgAbX4cKAm8yf_2ugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_rP0_4WOgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wZFBhOTEdPz_vpI1lECgPq9Tjnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646225&bpp=92&bdt=187&idt=311&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44798934%2C95320869%2C95320884%2C21065724&oid=2&pvsid=2436508085332411&tmod=2030218517&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9ipvc1nm3cv9&fsb=1&dtd=321
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
eae9ea24d2cc7a95384286b3e7036ef30b9a40c3d98702fb6913188f64b713e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 04:04:06 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=cCDapIB1AGItch4kPP368KjP3AER8p9DHZ1EJKltkOxRhpnb_ymG2Fnf_kD6RTltU0IUnA-FR7wblNZwRRu43XH1WE5RLaJ_d3b_AFdbFINEs9JpejzViG_twh-y8ZU9fDdW6nhzP0C25rjFwnwLOnTCJet6SFfa_q8lK8pnGjUpUHj11WSaq5Tcjp9YmcP5n6G2lxbk_l0ebqhje0AKZarOlljcloYr2_0Paqf-ocjyfT4_0hrO6a1qaTAFyNPDnbaEuA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
42183377
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2A5A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646225&bpp=92&bdt=187&idt=311&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44798934%2C95320869%2C95320884%2C21065724&oid=2&pvsid=2436508085332411&tmod=2030218517&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9ipvc1nm3cv9&fsb=1&dtd=321
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51276
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 13:49:30 GMT
etag
48472445140208031
expires
Thu, 14 Dec 2023 13:49:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame 2A5A 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBGapIoLlNnIBCGvBJ_QzYA&google_cver=1&google_push=AXcoOmQRNNkl6-Djd3TZ0-PXMcfKyPLFJfFbTF65r2R0ytntyqcNYaMqD48SKmJlEnQsOLUYYfPgYSPZNwJbpGF8O24gy8ZPq5sj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646225&bpp=92&bdt=187&idt=311&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44798934%2C95320869%2C95320884%2C21065724&oid=2&pvsid=2436508085332411&tmod=2030218517&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9ipvc1nm3cv9&fsb=1&dtd=321
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:07 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 2A5A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBNyvHrjLeuX9e5-D8-8NIs&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=alFCMzVNRFYxUmRDWGM1&google_gid=CAESEBNyvHrjLeuX9e5-D8-8NIs&google_cver=1&google_push=AXcoOmQJ7-keP8kC6nj25zN0SkpQDCt7L_Vs08CYCMpOQy7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=alFCMzVNRFYxUmRDWGM1&google_gid=CAESEBNyvHrjLeuX9e5-D8-8NIs&google_cver=1&google_push=AXcoOmQJ7-keP8kC6nj25zN0SkpQDCt7L_Vs08CYCMpOQy7aBzTIzrTySHpIYsmGjIxUhEsQ1F8nncDhRF5NlGJM424pt6LLxrs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646225&bpp=92&bdt=187&idt=311&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44798934%2C95320869%2C95320884%2C21065724&oid=2&pvsid=2436508085332411&tmod=2030218517&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9ipvc1nm3cv9&fsb=1&dtd=321
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 04:04:06 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=alFCMzVNRFYxUmRDWGM1&google_gid=CAESEBNyvHrjLeuX9e5-D8-8NIs&google_cver=1&google_push=AXcoOmQJ7-keP8kC6nj25zN0SkpQDCt7L_Vs08CYCMpOQy7aBzTIzrTySHpIYsmGjIxUhEsQ1F8nncDhRF5NlGJM424pt6LLxrs
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2A5A
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEMAbIQhKXsm91NaQIfDnOQ8&google_cver=1&google_push=AXcoOmRxAjB9GdTe60zVgqlS9KeXAqhbxa7ffzbltwjzgaVj1e5B2MSTFobqW4GPaN4sDctVN2uC5KJaDc2kCMhinPF8bMuGStib
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B21D9CD3A8541FC9C830CCD27C863AE&google_push=AXcoOmRxAjB9GdTe60zVgqlS9KeXAqhbxa7ffzbltwjzgaVj1e5B2MSTFobqW4GPaN4sDctVN2uC5KJaDc2kCMh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B21D9CD3A8541FC9C830CCD27C863AE&google_push=AXcoOmRxAjB9GdTe60zVgqlS9KeXAqhbxa7ffzbltwjzgaVj1e5B2MSTFobqW4GPaN4sDctVN2uC5KJaDc2kCMhinPF8bMuGStib
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646225&bpp=92&bdt=187&idt=311&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44798934%2C95320869%2C95320884%2C21065724&oid=2&pvsid=2436508085332411&tmod=2030218517&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9ipvc1nm3cv9&fsb=1&dtd=321
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 14 Dec 2023 04:04:07 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5B21D9CD3A8541FC9C830CCD27C863AE&google_push=AXcoOmRxAjB9GdTe60zVgqlS9KeXAqhbxa7ffzbltwjzgaVj1e5B2MSTFobqW4GPaN4sDctVN2uC5KJaDc2kCMhinPF8bMuGStib
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 13 Dec 2023 04:04:07 GMT
pixel
cm.g.doubleclick.net/ Frame 2A5A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBfWVDFENTnVpyentCxjqW8&google_cver=1&google_push=AXcoOmRfW9LPqKgV6UanJ1i2ilsHRCe0J6jMzKazAM3s__O0E3CpZEhfI_oU7oIYytYsyu_OOftsLiCVfzkA9l...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMjI5NjI2NTE1Mjk4NTIzMg%3D%3D&google_push=AXcoOmRfW9LPqKgV6UanJ1i2ilsHRCe0J6jMzKazAM3s__O0E3CpZEhfI_oU7oIYytYsyu_OOftsLiCVfzkA9l9uP6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMjI5NjI2NTE1Mjk4NTIzMg%3D%3D&google_push=AXcoOmRfW9LPqKgV6UanJ1i2ilsHRCe0J6jMzKazAM3s__O0E3CpZEhfI_oU7oIYytYsyu_OOftsLiCVfzkA9l9uP6C9828GFhgp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646225&bpp=92&bdt=187&idt=311&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44798934%2C95320869%2C95320884%2C21065724&oid=2&pvsid=2436508085332411&tmod=2030218517&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9ipvc1nm3cv9&fsb=1&dtd=321
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMjI5NjI2NTE1Mjk4NTIzMg%3D%3D&google_push=AXcoOmRfW9LPqKgV6UanJ1i2ilsHRCe0J6jMzKazAM3s__O0E3CpZEhfI_oU7oIYytYsyu_OOftsLiCVfzkA9l9uP6C9828GFhgp
Date
Thu, 14 Dec 2023 04:04:07 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame 2A5A 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMVr2dB97r1pACevH1ncF38&google_cver=1&google_push=AXcoOmREdHO2r6A5N_dIZEN1DL9Kpc1so90i7sSbuiYCktDspgm-3XDbxKrXDbEclf-MwxbQ9NhFmkUKpGS4I4feFtoLnsK2LDk4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646225&bpp=92&bdt=187&idt=311&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44798934%2C95320869%2C95320884%2C21065724&oid=2&pvsid=2436508085332411&tmod=2030218517&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9ipvc1nm3cv9&fsb=1&dtd=321
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.171.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-171-137.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usersync.aspx
dis.criteo.com/dis/ Frame 2A5A 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ21ZtpFrloFq39gAkhxbt_FoE4hnIDzQ5RmD8e1rtFlEPw-igAuZYz55BMaZz4P0a59M6B5lDJngrPT8w7yJePsBv3la26&google_gid=CAESEMXXXMZRgOVEU1plTHl_Czs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646225&bpp=92&bdt=187&idt=311&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44798934%2C95320869%2C95320884%2C21065724&oid=2&pvsid=2436508085332411&tmod=2030218517&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9ipvc1nm3cv9&fsb=1&dtd=321
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:06 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
223649
expires
Thu, 14 Dec 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2A5A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPxKfjgB3rds919mUTZyRbY&google_cver=1&google_push=AXcoOmTq4PfjV23A-CUAVc3rkBMdRaBZY3aZMUZZboY47nyT55VV7yn4qusiAU_7kQRd51NwodHajhns...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPxKfjgB3rds919mUTZyRbY&google_cver=1&google_push=AXcoOmTq4PfjV23A-CUAVc3rkBMdRaBZY3aZMUZZboY47nyT55VV7yn4qusiAU_7kQRd51NwodH...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjczODIwNjU5MzMxNjMyOTE5Mg&google_push=AXcoOmTq4PfjV23A-CUAVc3rkBMdRaBZY3aZMUZZboY47nyT55VV7yn4qusiAU_7kQRd51NwodHajh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjczODIwNjU5MzMxNjMyOTE5Mg&google_push=AXcoOmTq4PfjV23A-CUAVc3rkBMdRaBZY3aZMUZZboY47nyT55VV7yn4qusiAU_7kQRd51NwodHajhns05s-CCWZpqkQOuLpQI00
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjczODIwNjU5MzMxNjMyOTE5Mg&google_push=AXcoOmTq4PfjV23A-CUAVc3rkBMdRaBZY3aZMUZZboY47nyT55VV7yn4qusiAU_7kQRd51NwodHajhns05s-CCWZpqkQOuLpQI00
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 2A5A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kg4rGqGLyySXYua7O4tT_Y0t6jRYqwIRv1xGaEjen1xoDnidxjLqE8wkLdOJRxaCSLAKey
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646225&bpp=92&bdt=187&idt=311&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44798934%2C95320869%2C95320884%2C21065724&oid=2&pvsid=2436508085332411&tmod=2030218517&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9ipvc1nm3cv9&fsb=1&dtd=321
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame 4F18 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxb-5jU684fHfiXXLf7Uk4t5cYzkS8NbDop8ziZM_yByoFke5OrfXSw2q8ui1rxUZXTeNsq_W3hH7yR6ys1Y_8crT4J5DQk7auiqa_iEFJvl3M0c57NBAFHQVcYhKbVnt3FPoLY94ekPm4U37OVNc5T_p0UUsrPPIXwLszjyHeieAtlBRg2AimsKp6TdxhARIGTAepnfmeTvUVT1Ck6YYhilH4Jz5HzXTffMhfIb7tECj_WjhuVLQluz2_57mQPAys5zaO93EGmdnCD-RofKPxg_EsxMRAsNbqj2EvhfrT0G4PtmZch1-ajBA0L5fFP2JH8kmGc-PHEdA27YGl9nsZCMwfIg0ktNa2IiD5YeWv6PuyfeyT_W_pznqhpefzmnrJFJHMgxm9wqqHhPrl7qfJ&sai=AMfl-YS7ZvnIqC7mW8G_O6nMD1_yY3F7Ehxts_b0lQIv3ssJb4wE1PNnXXlhWGnC_SYbdZJfSfuAo2GOteXUV_Y&sig=Cg0ArKJSzPCAoUm_sp_TEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 14 Dec 2023 04:04:07 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4F18 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55c673242c0392e8ab1a099e0b7ed03de1dfb7634780d7fb60b1c15ff3df62ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12123
x-xss-protection
0
rar
as.ad4m.at/ad/ Frame 52A3 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=89eb780e9f4defb13add9c0c09cf41bd%2F11724824113909958989&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kj104h22p04e2ztexn4qwv9jqbhprm5vh353kw8eax5hvj75z20tbchzks4w66ndkcr7gz4r6zxapb3peeydk6ts4mz53tt0n2xjs10dkbyn7s3gn95qwh52gbhp7syd607f65zecc1hs73x8eagjqmr62hj17y5jzn4c8ypjw73gy8eqe9rnctwpmf4twc0r0ncqq42p1t8e4z3gw4wqt86ysyceh0p9p2twz9tkwsxwh0azk5yvvk34c96nfxwh39qvbfsjd5sr7z3ds8h1bm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4aS-tn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0wFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAZkMm3-_Aqsz8L03WAqmcQQhMsjID5QSvp_ufUdR8p6TA7ieCFQtGvWzgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kvfMEbGzvHrrNVwyI9ZDPwm_SMA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c325a77dca399f42a0e0a23e27146de053cfb2e024b2430cdf1eaafaecece43f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jhgwme0nne7nedpq6zn2w858kw9bbka32gsecjnn0h6mnvt0m7fd5h9zmn9j3qm904va6n1ny2j8vqn6s9xa2yepxh0fx4vb45pc7v6vhx2x41mrq3z3n8qs2e1v4p1q9p6mv4fx1enpwc3zwxzz0495ekpcqsymxtq1heygjqddcph9qp9jdee71kgxtdmvn3a0kdbpfn2gtwd52ajt7gaxdyws1epw0g63bmbx7cn4kcpren96kb9xpv79hk14re0nj3x29me9stzcahqpts8fm9jpys1atj9rkxe6t6qqwmyxt72f23a9c5fewkkby454vatbz6a1hzfk8wwfpz7xe02ky4611akx7a9tp7zgx41zd32dkhbjmez5c4t0wffcgag487rgnhd2f4k9n7441aeey8hrjn1yfwabyt8eeqkrjxf8j14sw023chp7vez3awrpr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4aS-tn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0wFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAZkMm3-_Aqsz8L03WAqmcQQhMsjID5QSvp_ufUdR8p6TA7ieCFQtGvWzgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3kvfMEbGzvHrrNVwyI9ZDPwm_SMA%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
83538f97dcfa3673-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 04:04:07 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 1FDA 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=169080%2C22925%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=174380304e2e535eab6a96c1854705fb%2F12143061609665210595&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646990&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxx0grccjvrbg38b4ydnd6wq9ntdjx8zgqae4z6b6b6x55b7e7nyxej5z3ekgbn37njhe9tzvj342kvt2xb4mav9b2xw3r3ypz04m0pwjve3jg0309w6kgq54ah4apy8yhwepza3nszf5rn8c76ar4mw7k5qy6yw4n2wk3ckz3548c72htc18rk459e84fc007psev2q9mhstyj9xbknczm3bfty49f9yfd91jsxa0xezezyyak60aadt433dpckmrhv61hspgysbyjg0nfvk0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b40efe7e1d48df782307e2e57fa4d31d937cdbd5b1c5c009e0850a1228e42d6a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jk5jx6jafrmkh2bsf40sp0c6vw4nwgszj12ckkxpnatxgfv7w88jpr3pt5zcaekv1z64c3rfabq3zq0qh2gtxf8405278acvtejdy6vkdtsa8nrxthrsfjjfjarypaqxtwwfbmks3c9qr4cjn8j8w562qn99ezqnkrtwjqp8z6bxz549hychams67xd0w1c5fw0sr7s2s13scpdm629vp6ry8kj39qr39064fpznysfeqwb45nj08dphzvtzwyq2es1wy90ace491a591ajmm99qse4r7esgjnjhxd1kjvymgqrxr7ym4r46fmd6g01evnqfgheemn67m9eb4s8dyf78839v0gfyj295r63tczp8yrk6qmcb6wngpzv4wjk9z1xn8hczeffq6z5tqmxbv3t5prx36h5tj4r9hxscb4bwwm29h9mwskpbtb3exs98tsty6wk&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
83538f97dcfb3673-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 04:04:07 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
adview
googleads.g.doubleclick.net/pagead/ Frame C4A9 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CpBTjtn56ZdSYIsSix_AP8r-c8AfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTOAU_QUt3AmTOtMLQUB7hSXvOsof4zB_ob6ys5oLEyNp62QVjTjtiGBJt8RyXaIaT0bugHNRngl-ZrM1lMnqMpyYMyQwg_wsqTA09KkUvoP83Qk1KpEzBJAlacNyu-YMh5mJFjGk3l4hWUMGygGlueUipMFhHxEjbZDkCkjc7nzco8ccEU_J6mxPY7qf67t4wVLCMjQqtIhUGWn5ad2eChdQ4gPcAveRAiWqmVR_-SI2c-VcQg-DCvV8SfYdT5AmX3LPxwK8JjoPid123lbzjOgAbX4cKAm8yf_2ugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_rP0_4WOgwOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=0WWhT2ELr6o&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_r3M57i7r8Yn9SqMSMxnAl1xM7iA-dAwU2v1cihhtoVD5BWW1GAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646225&bpp=92&bdt=187&idt=311&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44798934%2C95320869%2C95320884%2C21065724&oid=2&pvsid=2436508085332411&tmod=2030218517&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9ipvc1nm3cv9&fsb=1&dtd=321
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646225&bpp=92&bdt=187&idt=311&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44798934%2C95320869%2C95320884%2C21065724&oid=2&pvsid=2436508085332411&tmod=2030218517&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9ipvc1nm3cv9&fsb=1&dtd=321
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 14 Dec 2023 04:04:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame C4A9 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k_nHDrikCdACmAKdg2ICAgAAAIeaifyXVw7ogF-p8Qivy4YQtn56Zb7K6rj9v81d0yMAABIAAAoKQVFVQkFRRVBBUQ&wp=ZXp-tgAIjFQIEdFEAAcf8vtYsSv0vgvxibZ9jQ&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702526646225&bpp=92&bdt=187&idt=311&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=1356&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3540978095&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44798934%2C95320869%2C95320884%2C21065724&oid=2&pvsid=2436508085332411&tmod=2030218517&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9ipvc1nm3cv9&fsb=1&dtd=321
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:06 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
166162
server
Kestrel
content-length
0
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 52A3 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=89eb780e9f4defb13add9c0c09cf41bd%2F11724824113909958989&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kj104h22p04e2ztexn4qwv9jqbhprm5vh353kw8eax5hvj75z20tbchzks4w66ndkcr7gz4r6zxapb3peeydk6ts4mz53tt0n2xjs10dkbyn7s3gn95qwh52gbhp7syd607f65zecc1hs73x8eagjqmr62hj17y5jzn4c8ypjw73gy8eqe9rnctwpmf4twc0r0ncqq42p1t8e4z3gw4wqt86ysyceh0p9p2twz9tkwsxwh0azk5yvvk34c96nfxwh39qvbfsjd5sr7z3ds8h1bm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4aS-tn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0wFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAZkMm3-_Aqsz8L03WAqmcQQhMsjID5QSvp_ufUdR8p6TA7ieCFQtGvWzgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kvfMEbGzvHrrNVwyI9ZDPwm_SMA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=89eb780e9f4defb13add9c0c09cf41bd%2F11724824113909958989&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kj104h22p04e2ztexn4qwv9jqbhprm5vh353kw8eax5hvj75z20tbchzks4w66ndkcr7gz4r6zxapb3peeydk6ts4mz53tt0n2xjs10dkbyn7s3gn95qwh52gbhp7syd607f65zecc1hs73x8eagjqmr62hj17y5jzn4c8ypjw73gy8eqe9rnctwpmf4twc0r0ncqq42p1t8e4z3gw4wqt86ysyceh0p9p2twz9tkwsxwh0azk5yvvk34c96nfxwh39qvbfsjd5sr7z3ds8h1bm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4aS-tn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0wFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAZkMm3-_Aqsz8L03WAqmcQQhMsjID5QSvp_ufUdR8p6TA7ieCFQtGvWzgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kvfMEbGzvHrrNVwyI9ZDPwm_SMA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
332265
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrPJBbGZHnE%2F2bp8oZaDAQmUPlA1ghf9uOhJnWJtR63hkj%2FPTFGAW9dlUWpDRY7HLw%2Fu0Tlo2dD2%2FG%2FFULsajy0UchRnJQoPWL2AqYIocyai0AAu8SQbFtghqdHmoHbmAfquOQnjKvY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
83538f980d103673-FRA
expires
Fri, 15 Dec 2023 04:04:07 GMT
E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 52A3 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=89eb780e9f4defb13add9c0c09cf41bd%2F11724824113909958989&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kj104h22p04e2ztexn4qwv9jqbhprm5vh353kw8eax5hvj75z20tbchzks4w66ndkcr7gz4r6zxapb3peeydk6ts4mz53tt0n2xjs10dkbyn7s3gn95qwh52gbhp7syd607f65zecc1hs73x8eagjqmr62hj17y5jzn4c8ypjw73gy8eqe9rnctwpmf4twc0r0ncqq42p1t8e4z3gw4wqt86ysyceh0p9p2twz9tkwsxwh0azk5yvvk34c96nfxwh39qvbfsjd5sr7z3ds8h1bm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4aS-tn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0wFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAZkMm3-_Aqsz8L03WAqmcQQhMsjID5QSvp_ufUdR8p6TA7ieCFQtGvWzgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kvfMEbGzvHrrNVwyI9ZDPwm_SMA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1125042
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
8772
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:13:38 GMT
server
cloudflare
etag
"15b1f39d668aa86c2ba2ba17d94cc733"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hc4HTiHXwLeotnE7zfLpGmglu7z9ytoVQfnHYCIolAweyAQZoNpt4aocnoKY314p3afnLPncJ8W%2FQYrhmqhYJySkYlKhquKlZEem5Bz65vKn1Ngi4J8CSbUmbgBqwOSWZM1YKOegXMUFRODB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
83538f981b7a1d9e-FRA
60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
assets.ad4m.at/ Frame 52A3 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=89eb780e9f4defb13add9c0c09cf41bd%2F11724824113909958989&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kj104h22p04e2ztexn4qwv9jqbhprm5vh353kw8eax5hvj75z20tbchzks4w66ndkcr7gz4r6zxapb3peeydk6ts4mz53tt0n2xjs10dkbyn7s3gn95qwh52gbhp7syd607f65zecc1hs73x8eagjqmr62hj17y5jzn4c8ypjw73gy8eqe9rnctwpmf4twc0r0ncqq42p1t8e4z3gw4wqt86ysyceh0p9p2twz9tkwsxwh0azk5yvvk34c96nfxwh39qvbfsjd5sr7z3ds8h1bm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4aS-tn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0wFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAZkMm3-_Aqsz8L03WAqmcQQhMsjID5QSvp_ufUdR8p6TA7ieCFQtGvWzgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kvfMEbGzvHrrNVwyI9ZDPwm_SMA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0471f27843ee42d45cf9b749a57ec4bbc26dd40f961989ed7cfe4e0f24ea6fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2945400
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
28958
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:06:38 GMT
server
cloudflare
etag
"346e75cff96234b45fe664b527c7c88d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1m1Zs%2FT46XCjutNoWU1vE2n%2Fk1HyHT91Nd8b0ZHVC9H2GMzo8L9Mm8zR1OfZNieLa9Pn9ZxJ%2F8Ddz6Mxh2u7tRqqc%2BtSl8Mb%2FhDKZDBMZs%2F44WvMOlKmIra9kVL6foJPVBP18TEsImZKM5Ax"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
83538f981b851d9e-FRA
2aed39855b5f46b7d90f959867be60f8
pv.medialead.de/trck/epv/ Frame 52A3 		0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=89eb780e9f4defb13add9c0c09cf41bd%2F11724824113909958989&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kj104h22p04e2ztexn4qwv9jqbhprm5vh353kw8eax5hvj75z20tbchzks4w66ndkcr7gz4r6zxapb3peeydk6ts4mz53tt0n2xjs10dkbyn7s3gn95qwh52gbhp7syd607f65zecc1hs73x8eagjqmr62hj17y5jzn4c8ypjw73gy8eqe9rnctwpmf4twc0r0ncqq42p1t8e4z3gw4wqt86ysyceh0p9p2twz9tkwsxwh0azk5yvvk34c96nfxwh39qvbfsjd5sr7z3ds8h1bm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4aS-tn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0wFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAZkMm3-_Aqsz8L03WAqmcQQhMsjID5QSvp_ufUdR8p6TA7ieCFQtGvWzgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kvfMEbGzvHrrNVwyI9ZDPwm_SMA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
attribution-reporting-register-source
{"source_event_id":"17200573720104426","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
0
proxy-host
pv.medialead.de
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 52A3 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=89eb780e9f4defb13add9c0c09cf41bd%2F11724824113909958989&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kj104h22p04e2ztexn4qwv9jqbhprm5vh353kw8eax5hvj75z20tbchzks4w66ndkcr7gz4r6zxapb3peeydk6ts4mz53tt0n2xjs10dkbyn7s3gn95qwh52gbhp7syd607f65zecc1hs73x8eagjqmr62hj17y5jzn4c8ypjw73gy8eqe9rnctwpmf4twc0r0ncqq42p1t8e4z3gw4wqt86ysyceh0p9p2twz9tkwsxwh0azk5yvvk34c96nfxwh39qvbfsjd5sr7z3ds8h1bm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4aS-tn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0wFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAZkMm3-_Aqsz8L03WAqmcQQhMsjID5QSvp_ufUdR8p6TA7ieCFQtGvWzgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kvfMEbGzvHrrNVwyI9ZDPwm_SMA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40837
cf-polished
qual=85, origFmt=jpeg, origSize=7258
alt-svc
h3=":443"; ma=86400
content-length
4294
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 09:56:16 GMT
server
cloudflare
etag
"679602b08629bcaaabfcfad4e68fe53a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qlFC5SBxPGztzOANUGGNuak47F8eXVlY8npNl03oWPe2WS4NQ7IwkrsCW7ov1PiUlWnGuLI%2Fl2F8%2BYaxWog9Ap5zEjxhGGk%2B8CiJ0alQigHYVfunJ1tPBiUJrLtf%2FnTucQxeEQlAPI%2Fru%2F3t"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
83538f981b821d9e-FRA
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 52A3 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=89eb780e9f4defb13add9c0c09cf41bd%2F11724824113909958989&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kj104h22p04e2ztexn4qwv9jqbhprm5vh353kw8eax5hvj75z20tbchzks4w66ndkcr7gz4r6zxapb3peeydk6ts4mz53tt0n2xjs10dkbyn7s3gn95qwh52gbhp7syd607f65zecc1hs73x8eagjqmr62hj17y5jzn4c8ypjw73gy8eqe9rnctwpmf4twc0r0ncqq42p1t8e4z3gw4wqt86ysyceh0p9p2twz9tkwsxwh0azk5yvvk34c96nfxwh39qvbfsjd5sr7z3ds8h1bm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4aS-tn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0wFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAZkMm3-_Aqsz8L03WAqmcQQhMsjID5QSvp_ufUdR8p6TA7ieCFQtGvWzgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kvfMEbGzvHrrNVwyI9ZDPwm_SMA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2859008
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
15521
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:09:52 GMT
server
cloudflare
etag
"269bd58060bc660c3aec98b388bae571"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQdp%2B5iIgJ6fIlnzZCG9p3W8QpLGj%2FFqXQlFpktP3cCpzeKmbh%2F5myiUxstWmuB%2BWsUd1WU2bN4NCKNrdz2we%2F3xlv12nT3LGsV6K%2FE%2BpmHOcoqA6xy8HDt4OSzhNEcdQuBvxYHeHUGfgRcA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
83538f981b841d9e-FRA
cshow.php
www.awin1.com/ Frame 52A3 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=89eb780e9f4defb13add9c0c09cf41bd%2F11724824113909958989&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kj104h22p04e2ztexn4qwv9jqbhprm5vh353kw8eax5hvj75z20tbchzks4w66ndkcr7gz4r6zxapb3peeydk6ts4mz53tt0n2xjs10dkbyn7s3gn95qwh52gbhp7syd607f65zecc1hs73x8eagjqmr62hj17y5jzn4c8ypjw73gy8eqe9rnctwpmf4twc0r0ncqq42p1t8e4z3gw4wqt86ysyceh0p9p2twz9tkwsxwh0azk5yvvk34c96nfxwh39qvbfsjd5sr7z3ds8h1bm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4aS-tn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0wFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAZkMm3-_Aqsz8L03WAqmcQQhMsjID5QSvp_ufUdR8p6TA7ieCFQtGvWzgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kvfMEbGzvHrrNVwyI9ZDPwm_SMA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 04:04:07 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 52A3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=89eb780e9f4defb13add9c0c09cf41bd%2F11724824113909958989&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kj104h22p04e2ztexn4qwv9jqbhprm5vh353kw8eax5hvj75z20tbchzks4w66ndkcr7gz4r6zxapb3peeydk6ts4mz53tt0n2xjs10dkbyn7s3gn95qwh52gbhp7syd607f65zecc1hs73x8eagjqmr62hj17y5jzn4c8ypjw73gy8eqe9rnctwpmf4twc0r0ncqq42p1t8e4z3gw4wqt86ysyceh0p9p2twz9tkwsxwh0azk5yvvk34c96nfxwh39qvbfsjd5sr7z3ds8h1bm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4aS-tn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0wFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAZkMm3-_Aqsz8L03WAqmcQQhMsjID5QSvp_ufUdR8p6TA7ieCFQtGvWzgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kvfMEbGzvHrrNVwyI9ZDPwm_SMA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43511
cf-polished
origFmt=png, origSize=2170
alt-svc
h3=":443"; ma=86400
content-length
1662
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Nov 2023 08:38:25 GMT
server
cloudflare
etag
"4721aa7c2d5fa652c8092463f9a485bd"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w08LU25xaBVDnHrFyv75y39rEbw7OpQ20FzQJkS3GaSYKhYIccXAJsxkUW0CmlTCwc2D99UIaWS2Hx3d2%2Fbn6RTKswqbPJeANoSop3AMw2HuALf4HfCW8Maepc3hDRXgjfSS7GlEFNQPPO0r"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
83538f981b831d9e-FRA
B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 52A3 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=89eb780e9f4defb13add9c0c09cf41bd%2F11724824113909958989&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kj104h22p04e2ztexn4qwv9jqbhprm5vh353kw8eax5hvj75z20tbchzks4w66ndkcr7gz4r6zxapb3peeydk6ts4mz53tt0n2xjs10dkbyn7s3gn95qwh52gbhp7syd607f65zecc1hs73x8eagjqmr62hj17y5jzn4c8ypjw73gy8eqe9rnctwpmf4twc0r0ncqq42p1t8e4z3gw4wqt86ysyceh0p9p2twz9tkwsxwh0azk5yvvk34c96nfxwh39qvbfsjd5sr7z3ds8h1bm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4aS-tn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0wFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAZkMm3-_Aqsz8L03WAqmcQQhMsjID5QSvp_ufUdR8p6TA7ieCFQtGvWzgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kvfMEbGzvHrrNVwyI9ZDPwm_SMA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2753113
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
23392
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:08:23 GMT
server
cloudflare
etag
"faa9f958d13ef03f911b71f117846705"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xg7DuBkdlXRyIg7VkuF%2FDTsuKw1UYaHzVKybPtXxMW2cRp7ATLM9t0L0YFRHXCA7FPQRlQelb4bNb%2FyAFEsM4%2FCqFi%2BPZCS9D3S2pYnLsw%2BpdiUbOQzfqK6gkv6eucLks1uSxY85g6tmkxmH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
83538f981b8a1d9e-FRA
cshow.php
www.awin1.com/ Frame 52A3 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=89eb780e9f4defb13add9c0c09cf41bd%2F11724824113909958989&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646988&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kj104h22p04e2ztexn4qwv9jqbhprm5vh353kw8eax5hvj75z20tbchzks4w66ndkcr7gz4r6zxapb3peeydk6ts4mz53tt0n2xjs10dkbyn7s3gn95qwh52gbhp7syd607f65zecc1hs73x8eagjqmr62hj17y5jzn4c8ypjw73gy8eqe9rnctwpmf4twc0r0ncqq42p1t8e4z3gw4wqt86ysyceh0p9p2twz9tkwsxwh0azk5yvvk34c96nfxwh39qvbfsjd5sr7z3ds8h1bm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4aS-tn56ZbDwI-zP1PIP7M-H6AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQJVgox7DEOyPqgDAcgDAqoE0wFP0NLmSpStA_jir8MUVbgMQDFuXvNpA5A8RhEaYf5h73YHg59hXnIobX1cf7yLS5TqCyqR_8pcnTll5Yr2bPadyxIeHDJ7jTSURFz-CXMOv4Yew5s1rLrmd5LKHVjYq28wMbnecwo3gxDjAr8JvhKAywLpvuqhkPf3NR6MnSMs9yizBW88aY-ZrnVYTQ2zVzcUAgs3AlhNt0BG4eFFy_NhiU2xOvva_lpPAZkMm3-_Aqsz8L03WAqmcQQhMsjID5QSvp_ufUdR8p6TA7ieCFQtGvWzgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLTW9f-FjoMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kvfMEbGzvHrrNVwyI9ZDPwm_SMA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2023 04:04:07 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 1FDA 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22925%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=174380304e2e535eab6a96c1854705fb%2F12143061609665210595&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646990&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxx0grccjvrbg38b4ydnd6wq9ntdjx8zgqae4z6b6b6x55b7e7nyxej5z3ekgbn37njhe9tzvj342kvt2xb4mav9b2xw3r3ypz04m0pwjve3jg0309w6kgq54ah4apy8yhwepza3nszf5rn8c76ar4mw7k5qy6yw4n2wk3ckz3548c72htc18rk459e84fc007psev2q9mhstyj9xbknczm3bfty49f9yfd91jsxa0xezezyyak60aadt433dpckmrhv61hspgysbyjg0nfvk0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=169080%2C22925%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=174380304e2e535eab6a96c1854705fb%2F12143061609665210595&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646990&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxx0grccjvrbg38b4ydnd6wq9ntdjx8zgqae4z6b6b6x55b7e7nyxej5z3ekgbn37njhe9tzvj342kvt2xb4mav9b2xw3r3ypz04m0pwjve3jg0309w6kgq54ah4apy8yhwepza3nszf5rn8c76ar4mw7k5qy6yw4n2wk3ckz3548c72htc18rk459e84fc007psev2q9mhstyj9xbknczm3bfty49f9yfd91jsxa0xezezyyak60aadt433dpckmrhv61hspgysbyjg0nfvk0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
332265
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g65xHy60DDVqpobY5yvAPD2hyPbn7LDDVP%2BoecgBfPF68Qh4FsX0xbRxm2g18TyKRio3hobLwqamebsun7trAFd8GPQrfq%2Bw9XShe9If12s1ABERwah3ak%2FPog5PA68CGSYVL1%2Brk5Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
83538f980d123673-FRA
expires
Fri, 15 Dec 2023 04:04:07 GMT
B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame 1FDA 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22925%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=174380304e2e535eab6a96c1854705fb%2F12143061609665210595&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646990&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxx0grccjvrbg38b4ydnd6wq9ntdjx8zgqae4z6b6b6x55b7e7nyxej5z3ekgbn37njhe9tzvj342kvt2xb4mav9b2xw3r3ypz04m0pwjve3jg0309w6kgq54ah4apy8yhwepza3nszf5rn8c76ar4mw7k5qy6yw4n2wk3ckz3548c72htc18rk459e84fc007psev2q9mhstyj9xbknczm3bfty49f9yfd91jsxa0xezezyyak60aadt433dpckmrhv61hspgysbyjg0nfvk0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ff66b97bd8767ce16889bf15fc6e18e59fb7e60edc88bf9ee41416d3031bd24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44651
cf-polished
origFmt=png, origSize=5231
alt-svc
h3=":443"; ma=86400
content-length
4680
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 09:43:53 GMT
server
cloudflare
etag
"f16f7910a6ef14de318e485901cfa4a3"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqybED7k7rSBtwC9XDzJd1K5w4gNr281Mbmk2MC74gclmtKsOkuwa6cFfNIU3AMep31necMBHgHndFynfvxMgq44jjB4mtNjquHmIHH053sh12NovE1OO8wrZoCuZnTE1zQtVfLY6tIKAT0B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
83538f981b7c1d9e-FRA
FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
assets.ad4m.at/product_image/ Frame 1FDA 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22925%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=174380304e2e535eab6a96c1854705fb%2F12143061609665210595&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646990&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxx0grccjvrbg38b4ydnd6wq9ntdjx8zgqae4z6b6b6x55b7e7nyxej5z3ekgbn37njhe9tzvj342kvt2xb4mav9b2xw3r3ypz04m0pwjve3jg0309w6kgq54ah4apy8yhwepza3nszf5rn8c76ar4mw7k5qy6yw4n2wk3ckz3548c72htc18rk459e84fc007psev2q9mhstyj9xbknczm3bfty49f9yfd91jsxa0xezezyyak60aadt433dpckmrhv61hspgysbyjg0nfvk0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b170f93a0f60699bb90efeeb218ef113e88a1025522c3a3d2e297f3540d895f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1296788
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
29459
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Nov 2023 08:20:52 GMT
server
cloudflare
etag
"3a2c3db25419881df77e88816547f105"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EbW0Jb7K7gjzwzrXNE1oXLXOpVtEstSj7yPo%2Fvy35wTXLd1SFKWtM2LTfkl23BClfOMenIOautzV2q3F9j%2FTamJ9ZMGwMrE4uGRWNebiYon1tRUZLdD9kqoMKq22fSgfEYzRvMJ%2FBh8Ys%2FL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
83538f981b801d9e-FRA
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 1FDA 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22925%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=174380304e2e535eab6a96c1854705fb%2F12143061609665210595&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646990&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxx0grccjvrbg38b4ydnd6wq9ntdjx8zgqae4z6b6b6x55b7e7nyxej5z3ekgbn37njhe9tzvj342kvt2xb4mav9b2xw3r3ypz04m0pwjve3jg0309w6kgq54ah4apy8yhwepza3nszf5rn8c76ar4mw7k5qy6yw4n2wk3ckz3548c72htc18rk459e84fc007psev2q9mhstyj9xbknczm3bfty49f9yfd91jsxa0xezezyyak60aadt433dpckmrhv61hspgysbyjg0nfvk0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42026
cf-polished
qual=85, origFmt=jpeg, origSize=12951
alt-svc
h3=":443"; ma=86400
content-length
7758
cf-bgj
imgq:85,h2pri
last-modified
Fri, 20 Oct 2023 22:22:01 GMT
server
cloudflare
etag
"12e3523b35b31c7ddfe7c77dcdb14a34"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMOP0V9GQVR%2FgwSI3dPvcXdKXSu7o65CbQLYak3y%2FKllZEscgbstctvcDeEDKY3BdHabFetQMI0W2nD2lMqYCjKbOESHrgT1%2F2MoBoyMmzIN4tSIsiyht23x%2FqaWJDLE1lkOFgc0Av2D7LYO"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
83538f981b811d9e-FRA
6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
assets.ad4m.at/product_image/ Frame 1FDA 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22925%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=174380304e2e535eab6a96c1854705fb%2F12143061609665210595&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646990&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxx0grccjvrbg38b4ydnd6wq9ntdjx8zgqae4z6b6b6x55b7e7nyxej5z3ekgbn37njhe9tzvj342kvt2xb4mav9b2xw3r3ypz04m0pwjve3jg0309w6kgq54ah4apy8yhwepza3nszf5rn8c76ar4mw7k5qy6yw4n2wk3ckz3548c72htc18rk459e84fc007psev2q9mhstyj9xbknczm3bfty49f9yfd91jsxa0xezezyyak60aadt433dpckmrhv61hspgysbyjg0nfvk0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0354c512fe9ac534670f42761c954a5cb683ae7a1c74b6e93e866113cc76863

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
36623
cf-polished
qual=85, origFmt=jpeg, origSize=16323
alt-svc
h3=":443"; ma=86400
content-length
13986
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 11:42:12 GMT
server
cloudflare
etag
"2bec681a82cced862b1f711ea5cf61b5"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGz360PJTCxBNk7KCF54g6alAxZF%2FbvMHui4ECaciJ3X%2FkeEoksMgEd1A9XZnw4DK7cc%2FwQumYWMQGkjFJysTczZLFYb8etqL3I%2BW1SouF6BT39YTEX%2B1tRif5zCWpE4lRCiZcVI6E5sDCPW"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
83538f981b7d1d9e-FRA
/
partner.o2online.de/a/ Frame 1FDA
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CImPlYCGjoMDFRKK3godvdAMiA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023121405040791288303299X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023121405040791288303299X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023121405040791288303299X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22925%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=174380304e2e535eab6a96c1854705fb%2F12143061609665210595&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646990&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxx0grccjvrbg38b4ydnd6wq9ntdjx8zgqae4z6b6b6x55b7e7nyxej5z3ekgbn37njhe9tzvj342kvt2xb4mav9b2xw3r3ypz04m0pwjve3jg0309w6kgq54ah4apy8yhwepza3nszf5rn8c76ar4mw7k5qy6yw4n2wk3ckz3548c72htc18rk459e84fc007psev2q9mhstyj9xbknczm3bfty49f9yfd91jsxa0xezezyyak60aadt433dpckmrhv61hspgysbyjg0nfvk0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 04:04:07 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023121405040791288303299X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023121405040791288303299X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
date
Thu, 14 Dec 2023 04:04:07 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 1FDA 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22925%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=174380304e2e535eab6a96c1854705fb%2F12143061609665210595&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646990&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxx0grccjvrbg38b4ydnd6wq9ntdjx8zgqae4z6b6b6x55b7e7nyxej5z3ekgbn37njhe9tzvj342kvt2xb4mav9b2xw3r3ypz04m0pwjve3jg0309w6kgq54ah4apy8yhwepza3nszf5rn8c76ar4mw7k5qy6yw4n2wk3ckz3548c72htc18rk459e84fc007psev2q9mhstyj9xbknczm3bfty49f9yfd91jsxa0xezezyyak60aadt433dpckmrhv61hspgysbyjg0nfvk0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34004
cf-polished
qual=85, origFmt=jpeg, origSize=8714
alt-svc
h3=":443"; ma=86400
content-length
6672
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 08:50:26 GMT
server
cloudflare
etag
"52953af169f970e1ac17ba40d8c26548"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRfj486%2BlNzF3LXf%2BIEiGsYLeh2%2Fo8orhZWIv3wvOWKqSGrEJ7ZgtwIJfDch2EOzty6sDJGIMqLa2cErrhsZjVK9lnJ3glITSuvUAS9lrrjcL55Uf2n5x61LnHao%2BQRb1X3mjhH6MNvST9zp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
83538f981b7f1d9e-FRA
E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame 1FDA 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22925%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=174380304e2e535eab6a96c1854705fb%2F12143061609665210595&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646990&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxx0grccjvrbg38b4ydnd6wq9ntdjx8zgqae4z6b6b6x55b7e7nyxej5z3ekgbn37njhe9tzvj342kvt2xb4mav9b2xw3r3ypz04m0pwjve3jg0309w6kgq54ah4apy8yhwepza3nszf5rn8c76ar4mw7k5qy6yw4n2wk3ckz3548c72htc18rk459e84fc007psev2q9mhstyj9xbknczm3bfty49f9yfd91jsxa0xezezyyak60aadt433dpckmrhv61hspgysbyjg0nfvk0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
675590
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
25413
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Dec 2023 08:24:17 GMT
server
cloudflare
etag
"7e811696e8763f5dce86bbb648013620"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2ObacHGhYjHcZ9pVSNitmEUGIYWatCO85p0lqnYykSp6YtwN4XRvu3iwa7SvNqEnsCbITQzTNJPszcHeWHXyl4yegNE1Jm9GCTMCYMpyjAGHzKho3Rhpk91CtPUKSfk3MXGSD6J%2FKvOGb5l"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
83538f981b881d9e-FRA
ztpv.php
www.conrad.de/ Frame 1FDA
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1702526647_d3b62d60-9a35-11ee-b1a8-22396ad6a5ca&insert=AW&&gdpr=0&gdpr_consent=
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1702526647_d3b62d60-9a35-11ee-b1a8-22396ad6a5ca&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22925%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=174380304e2e535eab6a96c1854705fb%2F12143061609665210595&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646990&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxx0grccjvrbg38b4ydnd6wq9ntdjx8zgqae4z6b6b6x55b7e7nyxej5z3ekgbn37njhe9tzvj342kvt2xb4mav9b2xw3r3ypz04m0pwjve3jg0309w6kgq54ah4apy8yhwepza3nszf5rn8c76ar4mw7k5qy6yw4n2wk3ckz3548c72htc18rk459e84fc007psev2q9mhstyj9xbknczm3bfty49f9yfd91jsxa0xezezyyak60aadt433dpckmrhv61hspgysbyjg0nfvk0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.nG56GkfRLezj317Ym45aeLh8stT4MDBhF_6dGBlfQ0-1702526647-1-AQ8cbQ7dZp6RPxYx12WkzyC5m8xDPXgLZXT2qvc45_56yUYVu6atnhiosCkRDP4R_d9ETpOM3R9VIfsZIK56wR5QvKs0shQkgbo7U1CmxfCjuCEkFng9RcIDPuEumRa-LOqkXYcwSeqRhDNUuzyARFQ; report-to cf-csp-endpoint
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=.nG56GkfRLezj317Ym45aeLh8stT4MDBhF_6dGBlfQ0-1702526647-1-AQ8cbQ7dZp6RPxYx12WkzyC5m8xDPXgLZXT2qvc45_56yUYVu6atnhiosCkRDP4R_d9ETpOM3R9VIfsZIK56wR5QvKs0shQkgbo7U1CmxfCjuCEkFng9RcIDPuEumRa-LOqkXYcwSeqRhDNUuzyARFQ"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache
cf-ray
83538f98b95a1941-FRA
content-length
0
expires
-1

Redirect headers

Date
Thu, 14 Dec 2023 04:04:07 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1702526647_d3b62d60-9a35-11ee-b1a8-22396ad6a5ca&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 16DC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 04:04:07 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3C6C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tgAIjFQIEdFEAAcf8vtYsSv0vgvxibZ9jQ&u=%7CrwJTjelPBQIcNUDik4peS8A8da4450RLAcztEip4BeI%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-ACIw9DUizGULWeZaTqmKJN44gLYxkfjQ-SLB08AH7TrwdUhbRDxlbXXSXFQUHo-B9dhtI935kEm2Wg5Tjad07e5bbayj6YcpQsM78i2ixWze-APTg6RlsS72ZTyjFOd9Hw3M_HGfQR16vIPSq7QBI-IdJgDfOR3t-nhMaaA71jZ8brx20rgO0FIuCpB884i_xe6fFpC6_RXUNN7CQl1LyCjQiboDL4FywCXqPclCxlR1QUmcX_tVNYz5gXnvWFJIGRcW7IZzttNgwrthAdwtGg3Q7mpFSsQarLpEQK0PqWwXD8QxzSzM97bJQFAsT0AjF5NlQX_AFzmWQ27nu7XuJejMj4jeoIylIYJFhKwW9CK3vBRNqIli6rBDypatbDiClP4CAaNHxd4Zcdy4XGB2njo3CFsShIGkZbUDGCS7zdRgZ-tnlR8sf8ew7Mg62-dRQrQd-rec5Ku1ZWQuI_vTBcwzCsffM7yHqLnYD7Yo4bYYYP38lXLospSoRkERgxnWftHgNPM-WnMoj8pMs3xS9H1vXFwAnVlaIVLjn32swvQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEwBetn56ZdSYIsSix_AP8r-c8AfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTRAU_QUt3AmTOtMLQUB7hSXvOsof4zB_ob6ys5oLEyNp62QVjTjtiGBJt8RyXaIaT0bugHNRngl-ZrM1lMnqMpyYMyQwg_wsqTA09KkUvoP83Qk1KpEzBJAlacNyu-YMh5mJFjGk3l4hWUMGygGlueUipMFhHxEjbZDkCkjc7nzco8ccEU_J6mxPY7qf67t4wVLCMjQqtIhUGWn5ad2eChdQ4gPcAveRAiWuuXZm0SsLcD8xQHIryPvmCRRt5PCEvvrki4FmSRH-axz_Uv-xgnBX-GgAbX4cKAm8yf_2ugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_rP0_4WOgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wZFBhOTEdPz_vpI1lECgPq9Tjnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:04:07 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3C6C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tgAIjFQIEdFEAAcf8vtYsSv0vgvxibZ9jQ&u=%7CrwJTjelPBQIcNUDik4peS8A8da4450RLAcztEip4BeI%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-ACIw9DUizGULWeZaTqmKJN44gLYxkfjQ-SLB08AH7TrwdUhbRDxlbXXSXFQUHo-B9dhtI935kEm2Wg5Tjad07e5bbayj6YcpQsM78i2ixWze-APTg6RlsS72ZTyjFOd9Hw3M_HGfQR16vIPSq7QBI-IdJgDfOR3t-nhMaaA71jZ8brx20rgO0FIuCpB884i_xe6fFpC6_RXUNN7CQl1LyCjQiboDL4FywCXqPclCxlR1QUmcX_tVNYz5gXnvWFJIGRcW7IZzttNgwrthAdwtGg3Q7mpFSsQarLpEQK0PqWwXD8QxzSzM97bJQFAsT0AjF5NlQX_AFzmWQ27nu7XuJejMj4jeoIylIYJFhKwW9CK3vBRNqIli6rBDypatbDiClP4CAaNHxd4Zcdy4XGB2njo3CFsShIGkZbUDGCS7zdRgZ-tnlR8sf8ew7Mg62-dRQrQd-rec5Ku1ZWQuI_vTBcwzCsffM7yHqLnYD7Yo4bYYYP38lXLospSoRkERgxnWftHgNPM-WnMoj8pMs3xS9H1vXFwAnVlaIVLjn32swvQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEwBetn56ZdSYIsSix_AP8r-c8AfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTRAU_QUt3AmTOtMLQUB7hSXvOsof4zB_ob6ys5oLEyNp62QVjTjtiGBJt8RyXaIaT0bugHNRngl-ZrM1lMnqMpyYMyQwg_wsqTA09KkUvoP83Qk1KpEzBJAlacNyu-YMh5mJFjGk3l4hWUMGygGlueUipMFhHxEjbZDkCkjc7nzco8ccEU_J6mxPY7qf67t4wVLCMjQqtIhUGWn5ad2eChdQ4gPcAveRAiWuuXZm0SsLcD8xQHIryPvmCRRt5PCEvvrki4FmSRH-axz_Uv-xgnBX-GgAbX4cKAm8yf_2ugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_rP0_4WOgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wZFBhOTEdPz_vpI1lECgPq9Tjnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:04:07 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3C6C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tgAIjFQIEdFEAAcf8vtYsSv0vgvxibZ9jQ&u=%7CrwJTjelPBQIcNUDik4peS8A8da4450RLAcztEip4BeI%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-ACIw9DUizGULWeZaTqmKJN44gLYxkfjQ-SLB08AH7TrwdUhbRDxlbXXSXFQUHo-B9dhtI935kEm2Wg5Tjad07e5bbayj6YcpQsM78i2ixWze-APTg6RlsS72ZTyjFOd9Hw3M_HGfQR16vIPSq7QBI-IdJgDfOR3t-nhMaaA71jZ8brx20rgO0FIuCpB884i_xe6fFpC6_RXUNN7CQl1LyCjQiboDL4FywCXqPclCxlR1QUmcX_tVNYz5gXnvWFJIGRcW7IZzttNgwrthAdwtGg3Q7mpFSsQarLpEQK0PqWwXD8QxzSzM97bJQFAsT0AjF5NlQX_AFzmWQ27nu7XuJejMj4jeoIylIYJFhKwW9CK3vBRNqIli6rBDypatbDiClP4CAaNHxd4Zcdy4XGB2njo3CFsShIGkZbUDGCS7zdRgZ-tnlR8sf8ew7Mg62-dRQrQd-rec5Ku1ZWQuI_vTBcwzCsffM7yHqLnYD7Yo4bYYYP38lXLospSoRkERgxnWftHgNPM-WnMoj8pMs3xS9H1vXFwAnVlaIVLjn32swvQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEwBetn56ZdSYIsSix_AP8r-c8AfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTRAU_QUt3AmTOtMLQUB7hSXvOsof4zB_ob6ys5oLEyNp62QVjTjtiGBJt8RyXaIaT0bugHNRngl-ZrM1lMnqMpyYMyQwg_wsqTA09KkUvoP83Qk1KpEzBJAlacNyu-YMh5mJFjGk3l4hWUMGygGlueUipMFhHxEjbZDkCkjc7nzco8ccEU_J6mxPY7qf67t4wVLCMjQqtIhUGWn5ad2eChdQ4gPcAveRAiWuuXZm0SsLcD8xQHIryPvmCRRt5PCEvvrki4FmSRH-axz_Uv-xgnBX-GgAbX4cKAm8yf_2ugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_rP0_4WOgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wZFBhOTEdPz_vpI1lECgPq9Tjnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 08 Dec 2024 04:04:07 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 3C6C 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tgAIjFQIEdFEAAcf8vtYsSv0vgvxibZ9jQ&u=%7CrwJTjelPBQIcNUDik4peS8A8da4450RLAcztEip4BeI%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-ACIw9DUizGULWeZaTqmKJN44gLYxkfjQ-SLB08AH7TrwdUhbRDxlbXXSXFQUHo-B9dhtI935kEm2Wg5Tjad07e5bbayj6YcpQsM78i2ixWze-APTg6RlsS72ZTyjFOd9Hw3M_HGfQR16vIPSq7QBI-IdJgDfOR3t-nhMaaA71jZ8brx20rgO0FIuCpB884i_xe6fFpC6_RXUNN7CQl1LyCjQiboDL4FywCXqPclCxlR1QUmcX_tVNYz5gXnvWFJIGRcW7IZzttNgwrthAdwtGg3Q7mpFSsQarLpEQK0PqWwXD8QxzSzM97bJQFAsT0AjF5NlQX_AFzmWQ27nu7XuJejMj4jeoIylIYJFhKwW9CK3vBRNqIli6rBDypatbDiClP4CAaNHxd4Zcdy4XGB2njo3CFsShIGkZbUDGCS7zdRgZ-tnlR8sf8ew7Mg62-dRQrQd-rec5Ku1ZWQuI_vTBcwzCsffM7yHqLnYD7Yo4bYYYP38lXLospSoRkERgxnWftHgNPM-WnMoj8pMs3xS9H1vXFwAnVlaIVLjn32swvQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEwBetn56ZdSYIsSix_AP8r-c8AfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTRAU_QUt3AmTOtMLQUB7hSXvOsof4zB_ob6ys5oLEyNp62QVjTjtiGBJt8RyXaIaT0bugHNRngl-ZrM1lMnqMpyYMyQwg_wsqTA09KkUvoP83Qk1KpEzBJAlacNyu-YMh5mJFjGk3l4hWUMGygGlueUipMFhHxEjbZDkCkjc7nzco8ccEU_J6mxPY7qf67t4wVLCMjQqtIhUGWn5ad2eChdQ4gPcAveRAiWuuXZm0SsLcD8xQHIryPvmCRRt5PCEvvrki4FmSRH-axz_Uv-xgnBX-GgAbX4cKAm8yf_2ugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_rP0_4WOgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wZFBhOTEdPz_vpI1lECgPq9Tjnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 08 Dec 2024 04:04:07 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 3C6C 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=1jxDMLnlkPxaZTc6ZTOo_xxM-Dx_GJTIPVzXGqngZ1zLfvOVa5CGFUtuAfdfb9eEDtJs18qnswtDIuO2cH5R1H46NlxTNgPNGJOUEfMJ8j3J_eo_1k8snwh7aRlB6_yxxuwjV-lHPQkuW5lFr8Dg8nM9hKTWTENylOD6IVJtkMGZG7mQAk1i1CqgVN2kUHzxmevVzvGV-Et5gxiiz5UETSzLRNZfnd2WJwOXBRYWCa0zKKxu9gwTsUZ69a-0hJep5ITgduFGWXrhoxK7CHcN1mLVpnfzRbqPkgrrVTmWYrL8OLr-xEbaQnNdqxkkpBwrNIaSSPDnP-U_1UauEq3xkNIWFaFrjJW3CqCOlVBWhKD8iyqYMqM3eBliiBlkO2GfSe4JAdXbsGggT2uDpLXkCCuWXM88KhAatkqNmIHewZNVoP7x
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tgAIjFQIEdFEAAcf8vtYsSv0vgvxibZ9jQ&u=%7CrwJTjelPBQIcNUDik4peS8A8da4450RLAcztEip4BeI%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-ACIw9DUizGULWeZaTqmKJN44gLYxkfjQ-SLB08AH7TrwdUhbRDxlbXXSXFQUHo-B9dhtI935kEm2Wg5Tjad07e5bbayj6YcpQsM78i2ixWze-APTg6RlsS72ZTyjFOd9Hw3M_HGfQR16vIPSq7QBI-IdJgDfOR3t-nhMaaA71jZ8brx20rgO0FIuCpB884i_xe6fFpC6_RXUNN7CQl1LyCjQiboDL4FywCXqPclCxlR1QUmcX_tVNYz5gXnvWFJIGRcW7IZzttNgwrthAdwtGg3Q7mpFSsQarLpEQK0PqWwXD8QxzSzM97bJQFAsT0AjF5NlQX_AFzmWQ27nu7XuJejMj4jeoIylIYJFhKwW9CK3vBRNqIli6rBDypatbDiClP4CAaNHxd4Zcdy4XGB2njo3CFsShIGkZbUDGCS7zdRgZ-tnlR8sf8ew7Mg62-dRQrQd-rec5Ku1ZWQuI_vTBcwzCsffM7yHqLnYD7Yo4bYYYP38lXLospSoRkERgxnWftHgNPM-WnMoj8pMs3xS9H1vXFwAnVlaIVLjn32swvQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEwBetn56ZdSYIsSix_AP8r-c8AfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTRAU_QUt3AmTOtMLQUB7hSXvOsof4zB_ob6ys5oLEyNp62QVjTjtiGBJt8RyXaIaT0bugHNRngl-ZrM1lMnqMpyYMyQwg_wsqTA09KkUvoP83Qk1KpEzBJAlacNyu-YMh5mJFjGk3l4hWUMGygGlueUipMFhHxEjbZDkCkjc7nzco8ccEU_J6mxPY7qf67t4wVLCMjQqtIhUGWn5ad2eChdQ4gPcAveRAiWuuXZm0SsLcD8xQHIryPvmCRRt5PCEvvrki4FmSRH-axz_Uv-xgnBX-GgAbX4cKAm8yf_2ugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_rP0_4WOgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wZFBhOTEdPz_vpI1lECgPq9Tjnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:06 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1664909
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 3C6C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tgAIjFQIEdFEAAcf8vtYsSv0vgvxibZ9jQ&u=%7CrwJTjelPBQIcNUDik4peS8A8da4450RLAcztEip4BeI%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-ACIw9DUizGULWeZaTqmKJN44gLYxkfjQ-SLB08AH7TrwdUhbRDxlbXXSXFQUHo-B9dhtI935kEm2Wg5Tjad07e5bbayj6YcpQsM78i2ixWze-APTg6RlsS72ZTyjFOd9Hw3M_HGfQR16vIPSq7QBI-IdJgDfOR3t-nhMaaA71jZ8brx20rgO0FIuCpB884i_xe6fFpC6_RXUNN7CQl1LyCjQiboDL4FywCXqPclCxlR1QUmcX_tVNYz5gXnvWFJIGRcW7IZzttNgwrthAdwtGg3Q7mpFSsQarLpEQK0PqWwXD8QxzSzM97bJQFAsT0AjF5NlQX_AFzmWQ27nu7XuJejMj4jeoIylIYJFhKwW9CK3vBRNqIli6rBDypatbDiClP4CAaNHxd4Zcdy4XGB2njo3CFsShIGkZbUDGCS7zdRgZ-tnlR8sf8ew7Mg62-dRQrQd-rec5Ku1ZWQuI_vTBcwzCsffM7yHqLnYD7Yo4bYYYP38lXLospSoRkERgxnWftHgNPM-WnMoj8pMs3xS9H1vXFwAnVlaIVLjn32swvQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEwBetn56ZdSYIsSix_AP8r-c8AfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTRAU_QUt3AmTOtMLQUB7hSXvOsof4zB_ob6ys5oLEyNp62QVjTjtiGBJt8RyXaIaT0bugHNRngl-ZrM1lMnqMpyYMyQwg_wsqTA09KkUvoP83Qk1KpEzBJAlacNyu-YMh5mJFjGk3l4hWUMGygGlueUipMFhHxEjbZDkCkjc7nzco8ccEU_J6mxPY7qf67t4wVLCMjQqtIhUGWn5ad2eChdQ4gPcAveRAiWuuXZm0SsLcD8xQHIryPvmCRRt5PCEvvrki4FmSRH-axz_Uv-xgnBX-GgAbX4cKAm8yf_2ugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_rP0_4WOgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wZFBhOTEdPz_vpI1lECgPq9Tjnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:04:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4F18 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 04:04:07 GMT
all
csm.eu.criteo.net/ Frame 3C6C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=cCDapIB1AGItch4kPP368KjP3AER8p9DHZ1EJKltkOxRhpnb_ymG2Fnf_kD6RTltU0IUnA-FR7wblNZwRRu43XH1WE5RLaJ_d3b_AFdbFINEs9JpejzViG_twh-y8ZU9fDdW6nhzP0C25rjFwnwLOnTCJet6SFfa_q8lK8pnGjUpUHj11WSaq5Tcjp9YmcP5n6G2lxbk_l0ebqhje0AKZarOlljcloYr2_0Paqf-ocjyfT4_0hrO6a1qaTAFyNPDnbaEuA&sds=2&rev=89791&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tgAIjFQIEdFEAAcf8vtYsSv0vgvxibZ9jQ&u=%7CrwJTjelPBQIcNUDik4peS8A8da4450RLAcztEip4BeI%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-ACIw9DUizGULWeZaTqmKJN44gLYxkfjQ-SLB08AH7TrwdUhbRDxlbXXSXFQUHo-B9dhtI935kEm2Wg5Tjad07e5bbayj6YcpQsM78i2ixWze-APTg6RlsS72ZTyjFOd9Hw3M_HGfQR16vIPSq7QBI-IdJgDfOR3t-nhMaaA71jZ8brx20rgO0FIuCpB884i_xe6fFpC6_RXUNN7CQl1LyCjQiboDL4FywCXqPclCxlR1QUmcX_tVNYz5gXnvWFJIGRcW7IZzttNgwrthAdwtGg3Q7mpFSsQarLpEQK0PqWwXD8QxzSzM97bJQFAsT0AjF5NlQX_AFzmWQ27nu7XuJejMj4jeoIylIYJFhKwW9CK3vBRNqIli6rBDypatbDiClP4CAaNHxd4Zcdy4XGB2njo3CFsShIGkZbUDGCS7zdRgZ-tnlR8sf8ew7Mg62-dRQrQd-rec5Ku1ZWQuI_vTBcwzCsffM7yHqLnYD7Yo4bYYYP38lXLospSoRkERgxnWftHgNPM-WnMoj8pMs3xS9H1vXFwAnVlaIVLjn32swvQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEwBetn56ZdSYIsSix_AP8r-c8AfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTRAU_QUt3AmTOtMLQUB7hSXvOsof4zB_ob6ys5oLEyNp62QVjTjtiGBJt8RyXaIaT0bugHNRngl-ZrM1lMnqMpyYMyQwg_wsqTA09KkUvoP83Qk1KpEzBJAlacNyu-YMh5mJFjGk3l4hWUMGygGlueUipMFhHxEjbZDkCkjc7nzco8ccEU_J6mxPY7qf67t4wVLCMjQqtIhUGWn5ad2eChdQ4gPcAveRAiWuuXZm0SsLcD8xQHIryPvmCRRt5PCEvvrki4FmSRH-axz_Uv-xgnBX-GgAbX4cKAm8yf_2ugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_rP0_4WOgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wZFBhOTEdPz_vpI1lECgPq9Tjnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 14 Dec 2023 04:04:07 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3C6C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tgAIjFQIEdFEAAcf8vtYsSv0vgvxibZ9jQ&u=%7CrwJTjelPBQIcNUDik4peS8A8da4450RLAcztEip4BeI%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-ACIw9DUizGULWeZaTqmKJN44gLYxkfjQ-SLB08AH7TrwdUhbRDxlbXXSXFQUHo-B9dhtI935kEm2Wg5Tjad07e5bbayj6YcpQsM78i2ixWze-APTg6RlsS72ZTyjFOd9Hw3M_HGfQR16vIPSq7QBI-IdJgDfOR3t-nhMaaA71jZ8brx20rgO0FIuCpB884i_xe6fFpC6_RXUNN7CQl1LyCjQiboDL4FywCXqPclCxlR1QUmcX_tVNYz5gXnvWFJIGRcW7IZzttNgwrthAdwtGg3Q7mpFSsQarLpEQK0PqWwXD8QxzSzM97bJQFAsT0AjF5NlQX_AFzmWQ27nu7XuJejMj4jeoIylIYJFhKwW9CK3vBRNqIli6rBDypatbDiClP4CAaNHxd4Zcdy4XGB2njo3CFsShIGkZbUDGCS7zdRgZ-tnlR8sf8ew7Mg62-dRQrQd-rec5Ku1ZWQuI_vTBcwzCsffM7yHqLnYD7Yo4bYYYP38lXLospSoRkERgxnWftHgNPM-WnMoj8pMs3xS9H1vXFwAnVlaIVLjn32swvQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEwBetn56ZdSYIsSix_AP8r-c8AfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTRAU_QUt3AmTOtMLQUB7hSXvOsof4zB_ob6ys5oLEyNp62QVjTjtiGBJt8RyXaIaT0bugHNRngl-ZrM1lMnqMpyYMyQwg_wsqTA09KkUvoP83Qk1KpEzBJAlacNyu-YMh5mJFjGk3l4hWUMGygGlueUipMFhHxEjbZDkCkjc7nzco8ccEU_J6mxPY7qf67t4wVLCMjQqtIhUGWn5ad2eChdQ4gPcAveRAiWuuXZm0SsLcD8xQHIryPvmCRRt5PCEvvrki4FmSRH-axz_Uv-xgnBX-GgAbX4cKAm8yf_2ugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_rP0_4WOgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wZFBhOTEdPz_vpI1lECgPq9Tjnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:04:07 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 3C6C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tgAIjFQIEdFEAAcf8vtYsSv0vgvxibZ9jQ&u=%7CrwJTjelPBQIcNUDik4peS8A8da4450RLAcztEip4BeI%3D%7C&c1=YJ4X_nXZn4MS-Vyc1jpPlV4VTPO6xzWbMW9ePYRMUYXVfUoF4cAXWY4IDGxyAu5zOLBuBlPze-ACIw9DUizGULWeZaTqmKJN44gLYxkfjQ-SLB08AH7TrwdUhbRDxlbXXSXFQUHo-B9dhtI935kEm2Wg5Tjad07e5bbayj6YcpQsM78i2ixWze-APTg6RlsS72ZTyjFOd9Hw3M_HGfQR16vIPSq7QBI-IdJgDfOR3t-nhMaaA71jZ8brx20rgO0FIuCpB884i_xe6fFpC6_RXUNN7CQl1LyCjQiboDL4FywCXqPclCxlR1QUmcX_tVNYz5gXnvWFJIGRcW7IZzttNgwrthAdwtGg3Q7mpFSsQarLpEQK0PqWwXD8QxzSzM97bJQFAsT0AjF5NlQX_AFzmWQ27nu7XuJejMj4jeoIylIYJFhKwW9CK3vBRNqIli6rBDypatbDiClP4CAaNHxd4Zcdy4XGB2njo3CFsShIGkZbUDGCS7zdRgZ-tnlR8sf8ew7Mg62-dRQrQd-rec5Ku1ZWQuI_vTBcwzCsffM7yHqLnYD7Yo4bYYYP38lXLospSoRkERgxnWftHgNPM-WnMoj8pMs3xS9H1vXFwAnVlaIVLjn32swvQg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEwBetn56ZdSYIsSix_AP8r-c8AfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTRAU_QUt3AmTOtMLQUB7hSXvOsof4zB_ob6ys5oLEyNp62QVjTjtiGBJt8RyXaIaT0bugHNRngl-ZrM1lMnqMpyYMyQwg_wsqTA09KkUvoP83Qk1KpEzBJAlacNyu-YMh5mJFjGk3l4hWUMGygGlueUipMFhHxEjbZDkCkjc7nzco8ccEU_J6mxPY7qf67t4wVLCMjQqtIhUGWn5ad2eChdQ4gPcAveRAiWuuXZm0SsLcD8xQHIryPvmCRRt5PCEvvrki4FmSRH-axz_Uv-xgnBX-GgAbX4cKAm8yf_2ugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_rP0_4WOgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1wZFBhOTEdPz_vpI1lECgPq9Tjnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:04:07 GMT
link.html
track.webgains.com/ Frame 1FDA 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3766811&wgcampaignid=1384975&wgprogramid=287405&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gz0ztaabdpaxk5kp60xx78mz4p06ns5rpx2cr1efjzypw14gmyrfgm35qj0ftt6tr9w85yrncy9qj9pxrmbns3j371bfaptvnchqch5s8yatq3a47p0br5ccb2wcgmqg7p4ttp67mxawk5yspfyv77r0c6m8g5jvhk8cpzzz5xh8grcnk2nw96zhj2bcd006vchna5y8wzej7y2v9w2kxebct05g8h4j9p2t0qrhbn3gqsk5nsxbmf0a361fggzrepfg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxx0grccjvrbg38b4ydnd6wq9ntdjx8zgqae4z6b6b6x55b7e7nyxej5z3ekgbn37njhe9tzvj342kvt2xb4mav9b2xw3r3ypz04m0pwjve3jg0309w6kgq54ah4apy8yhwepza3nszf5rn8c76ar4mw7k5qy6yw4n2wk3ckz3548c72htc18rk459e84fc007psev2q9mhstyj9xbknczm3bfty49f9yfd91jsxa0xezezyyak60aadt433dpckmrhv61hspgysbyjg0nfvk0s%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidWPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22925%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=174380304e2e535eab6a96c1854705fb%2F12143061609665210595&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646990&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxx0grccjvrbg38b4ydnd6wq9ntdjx8zgqae4z6b6b6x55b7e7nyxej5z3ekgbn37njhe9tzvj342kvt2xb4mav9b2xw3r3ypz04m0pwjve3jg0309w6kgq54ah4apy8yhwepza3nszf5rn8c76ar4mw7k5qy6yw4n2wk3ckz3548c72htc18rk459e84fc007psev2q9mhstyj9xbknczm3bfty49f9yfd91jsxa0xezezyyak60aadt433dpckmrhv61hspgysbyjg0nfvk0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.158.37 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-158-37.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
5d81eb60292124f68afc068cc4331c922524d09233d311e93d6c3cdd6946869b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
last-modified
Thu, 14 Dec 2023 04:04:07 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 14 Dec 2023 04:05:07 GMT
f5bfe45bb2
tm.simptrack.com/tm/a/channel/tracker/ Frame 1D3E 		44 B
983 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22925%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=174380304e2e535eab6a96c1854705fb%2F12143061609665210595&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646990&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxx0grccjvrbg38b4ydnd6wq9ntdjx8zgqae4z6b6b6x55b7e7nyxej5z3ekgbn37njhe9tzvj342kvt2xb4mav9b2xw3r3ypz04m0pwjve3jg0309w6kgq54ah4apy8yhwepza3nszf5rn8c76ar4mw7k5qy6yw4n2wk3ckz3548c72htc18rk459e84fc007psev2q9mhstyj9xbknczm3bfty49f9yfd91jsxa0xezezyyak60aadt433dpckmrhv61hspgysbyjg0nfvk0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.196.120 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213-239-196-120.clients.your-server.de
Software
nginx /
Resource Hash
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
44
Content-Type
image/gif
Date
Thu, 14 Dec 2023 04:04:07 GMT
Expires
0
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
nginx
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F09C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
40227
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 16:53:40 GMT
expires
Thu, 12 Dec 2024 16:53:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E6A9 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2174041d00bbafd41ed90df6aab9a136b48e2cb0c649c3dba7c97f4b6abd5b69
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pPvy1sFlMQaYl2yfOo2iSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-pPvy1sFlMQaYl2yfOo2iSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 04:04:07 GMT
expires
Thu, 14 Dec 2023 04:04:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B5B1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
40227
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 16:53:40 GMT
expires
Thu, 12 Dec 2024 16:53:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B15B 		829 B
770 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3490264bbead51695d89b3d4ef8ed13f00d54befb361dd06eb4190720cdbe969
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FkqF4NsS4VTxuN5eTT9Lqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-FkqF4NsS4VTxuN5eTT9Lqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 04:04:07 GMT
expires
Thu, 14 Dec 2023 04:04:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame D3C2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_e3WTswzsGGacFBp-xg5bd3zZYlbbnrwJwEj13A0Px5qXK6Z_M1-3iD-L1lEj8gL-UbxJpaAPIpT_9VLzH2AzNFgME_dksDjjVQbJRyD84Z5QWI_n8u17-BMb3lForIeoA-0HNcLjsfQzzjeUEv6Fty8nJCJjA0bhKu8onJac7asW0y_zIaTAlIRmlMSj3L4EvRmL_UD_6D7zUTi0JYXObdlFuN9vq4NhQz50fEYeizObabdOy-rjMcdtCg_v3x9jmqwh4NuautcgXngKbHQY-myIjC4AiZbsEq5qb4JfpRvZVT3M6QRS_gz0Gksxjn-fadR9muSmEu8mP00rc3nWsjp1vUcetPe6AF53FmRjqAVlXhLXHFC0NfFq2aSm3yn3NjMV9uYwZdaxY7sznVk&sai=AMfl-YROA5w1UzOv2jB4N_IiPZZr-rC43BtiytwJH0e-RDXRywauC3ggyQgB3Gu1dXWavFPTWewQDeo1cOeN6Ls&sig=Cg0ArKJSzHXJEKHtxb_YEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 14 Dec 2023 04:04:07 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D3C2 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dd7d0d783eb0e6b335ea80da57d244a2db1e47ff504fc178f3223903d708031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12234
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame F09C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 17:17:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
38798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Dec 2024 17:17:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E6A9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3703292431370130&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame B5B1 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 17:17:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
38798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Dec 2024 17:17:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B15B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=968190693314162&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D3C2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 04:04:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1AD8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
40227
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 16:53:40 GMT
expires
Thu, 12 Dec 2024 16:53:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8531 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4d195d1d62ec7d1c662f1ef201ad2a4c07b17a9fef3c66fbf89c918d5f39ece4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4IDAw5Q3sShCFB8Ugs2NnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4IDAw5Q3sShCFB8Ugs2NnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Dec 2023 04:04:07 GMT
expires
Thu, 14 Dec 2023 04:04:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame F09C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?JQ5-ig
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame D66E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1h0vZ_n2bglku6iGojuYaji_mBXuXm952P4PEoy2Cy7qmeHq0DOCK6XqPFUgs_Zm5vkWzfQWTZnZmePV2OIpLSvGUhoQ9J6C6nT8K0vrFI-6F6W0-&sig=Cg0ArKJSzEhOl8Xhqb8LEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702526646010&rpt=108&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 04:04:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame B5B1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7ova2g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pvClk.min.js
analytics.webgains.io/ Frame 1FDA 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3766811&wgcampaignid=1384975&wgprogramid=287405&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gz0ztaabdpaxk5kp60xx78mz4p06ns5rpx2cr1efjzypw14gmyrfgm35qj0ftt6tr9w85yrncy9qj9pxrmbns3j371bfaptvnchqch5s8yatq3a47p0br5ccb2wcgmqg7p4ttp67mxawk5yspfyv77r0c6m8g5jvhk8cpzzz5xh8grcnk2nw96zhj2bcd006vchna5y8wzej7y2v9w2kxebct05g8h4j9p2t0qrhbn3gqsk5nsxbmf0a361fggzrepfg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jxx0grccjvrbg38b4ydnd6wq9ntdjx8zgqae4z6b6b6x55b7e7nyxej5z3ekgbn37njhe9tzvj342kvt2xb4mav9b2xw3r3ypz04m0pwjve3jg0309w6kgq54ah4apy8yhwepza3nszf5rn8c76ar4mw7k5qy6yw4n2wk3ckz3548c72htc18rk459e84fc007psev2q9mhstyj9xbknczm3bfty49f9yfd91jsxa0xezezyyak60aadt433dpckmrhv61hspgysbyjg0nfvk0s%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidWPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 01:58:51 GMT
content-encoding
gzip
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 12:01:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
7517
x-amz-server-side-encryption
AES256
etag
W/"1180a1bfee0aad979766ecd6180b923e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
36PwPfs_05cNlwSjTplZbaLRtKouK5D6FaCdrz27nnQHJR34ISJHDA==
1630076509_zWMlDYPQVnctkTlVGt486BXSMOUU2jSg.png
cdn.track.production.webgains.team/287405/ Frame 1FDA 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/287405/1630076509_zWMlDYPQVnctkTlVGt486BXSMOUU2jSg.png?Expires=1702526947&Signature=FtP9y5kLhncYaFBiqn7aVD6yQZaS63E8blvvxqtV7OUhYWQvaPo976oj6LTCioT8Bo6vEmjIGrVvziZf0akK3qzRVFmYJ3vfAlDPPxYh4DWOD9asvd3X0m9IeLXO0C57PECZemj9YjK2mff9sO~AJ-voIQaB7rUioBealKoFOcRl~2vg204MA5Pi4pKr99wX~-OIeZ4kxJFUiMl94RStjLtmiY~6-mO1HvSOuCC7sHc~pEtaNpeRB94xc36Cla8W5xayMPZmBtTkaRzxjGeOTj9aM0CKzDqvgy5ts54v~Xvdn1A52gtteKdsUfQ8~BrJKRZnuhzpx2cBLeF5JiGNlQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C22925%2C14019&b=3qjcpf4fXXX6C7HrHAtEtrGkkCPSWTKKMsg2Y3%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=WPefrfdfZZZJuYH5HjtDC8966u3SETVVmU9Q8W%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=174380304e2e535eab6a96c1854705fb%2F12143061609665210595&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702526646990&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jxx0grccjvrbg38b4ydnd6wq9ntdjx8zgqae4z6b6b6x55b7e7nyxej5z3ekgbn37njhe9tzvj342kvt2xb4mav9b2xw3r3ypz04m0pwjve3jg0309w6kgq54ah4apy8yhwepza3nszf5rn8c76ar4mw7k5qy6yw4n2wk3ckz3548c72htc18rk459e84fc007psev2q9mhstyj9xbknczm3bfty49f9yfd91jsxa0xezezyyak60aadt433dpckmrhv61hspgysbyjg0nfvk0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCbNaftn56ZauwJ4jigAfuhquwCJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAlWCjHsMQ7I-qAMByAMCqgTPAU_Qdpa-rs0RuSMmAShUcmWgHyEt8Z8cCNJBQ4bB5Ft1H12BZjwyz5IEVC8WG1sesnvWKMtt6KaWxGiIFhCE1yH5tl_UGBRlVh_qIs1xRPjSB8N5vXEMG3OiqRIL2o4ICV4DBTb-AWVcQDvxKcVzpgmIcDJ6LMuGbZrMG_xhwcJBnNkgxKTTfAOk317vExhMJFOHoVGm1t6Lcu_Ko0tJpGUadLr3ZRoD6QCiDQotUsvq7EnzZcPkxBTXsZhqVMrZWu2abkG8PC7QsA97YO9ljIAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli3yPn_hY6DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3QVl8KNW9WIxeueI7kxHWdsxHm2g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8decfdbca90823a9fc08c399cc7f568a993e77d31fe7e2ab87aa75276b5cfaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 13 Dec 2023 10:35:48 GMT
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:42:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
62900
etag
"252bcf3942798a64e6a899b7c6e034d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
5216
x-amz-cf-id
x1XNzsHht3Vu9AFr3xY9l8r4LxDJaITQJy5IWcgDLKrwzZWEh0eBDw==
sodar
pagead2.googlesyndication.com/pagead/ Frame 8531 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2436508085332411&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 1AD8 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 17:17:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
38798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Dec 2024 17:17:29 GMT
generate_204
tpc.googlesyndication.com/ Frame 1AD8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7flGvg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 04:04:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
all
csm.eu.criteo.net/ Frame 7223 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=JZlqOIB1AGItch4kA1XzND4FKyCCFJD5rC38SUS3EsA8AQY9VbaL9RN-0h3Cm4XmST7O_rXZO_QCfRDB-aGKvqrjX-NnLvAl9sLQO06NakyRsu4L_EmbWnlBZW1CwRXLz_SMc8keL7rWkzVo1kZKHs8w6-RY48RR2co6gLy-8870r2C_N4hEr-1vhdNasd8FBhzCH2d4pxmVtSZUilz50JnoLjFV8B6VKe50J2V98EciFURsZpC5beeHOL0&sds=2&rev=89682&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXp-tAAEXwIK4CpTAAA5pvJ-xcPtc2ystgCzOw&u=%7CfIggBO8nGlRtljY3ku13fszvo6N29F8Y4K5iNtJtnB4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHuGKjdz1fdi8nNgSp1EOSdXdZo3cU26i5t3yx5zm_cO-f4XZplEB1ab-8jj_5Hkn0xb4fTYVVZX8uGLkAec2pSumvOk9qn0ZGbkXbhH4uJs3nSvfTg7S5-x_IgJ4FCV4l3e_IS-I1NeZSKazuqC-PN8LFWWcWf02vWauTFcugFC5jpQkB7VXJx5mwy6loAfHF-YA-lY8ZbmcZhJz7EbrVXMjS1vGDQ18-UK2-HqjRSbvKKRcoASTc5589cnJOz4jeDxmp-Qwl9a0CUt7XVBuxkbKi3_B2pF8yBFzVAY4tq1VxgyqYZiRJwrCbCbdrjuvfgfAHzRcJpdVvzqzrjcA_Ugv5_VtWtaZO4alH7p-Aj9XvjeDqD1fPTf_JmSiwYEjNXDnzTKrcRziYbmn6sq3b3fmJuD9UbHvZqztS2Kxmda29XCnDCn2Coag2Y2AAKsuLjrQ1-A-zNv5iasPPrvkwlcTs_9WETIts0ayh3EdrdUjsTmg1Pk-iKnUvxcXTxoSwiJn17JczNkhrUjp4Oj8-9J3tpnjTz853fEptwHu2rDVPHmJ0ukAQJvVWjY8umUkFA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzDZItH56ZYK-EdPUgAem84C4BMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTg4NDI5NDQ3OTM5MTYzOMgBCakCVYKMewxDsj7gAgCoAwHIAwKqBKICT9D0fJ9sXmL88rUSmFPGcE7I1OPzXZ-oQJfI-V91m7g25btKQNcMXasE2d269zaFoDpaKemVODiHBbKwjWgAAm7F-Ssp1hzuquQcdYVyu_cb_bw2DdLf-l3NzrOEZhq-9VK9ujZ_augVuHQ0kOHf2hkrO8xG0fbH7TQglUgPkzX6MqNOH9OQTj33LmJRGxM6Cs5ETnjAGursD4g0YnfJ7KEam_x3ezH5FEJ8KZmkhqaEr83DC5a0mzB3tmzhXCzHaDkKO9X6_xG5hkjLvBK0H_U7qWe5L_qTy-ci0wsCpG0w2aCPEJrz2zttZpbI7sW3pd6XDoMdleT0HHxXuizXEpZpHGBBaledwrOMPJndxw_m0ciRqldt09GktlsGENS80qbgBAGABtfhwoCbzJ__a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljmlOD-hY6DA_oLAggBgAwB4g0TCJK_4P6FjoMDFVMq4AodpjkAR9AVAYAXAQ%26num%3D1%26sig%3DAOD64_25D-TGpPUBAWR4O1xNq7jcYAtOnw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 14 Dec 2023 04:04:07 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 16DC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3703292431370130&bg=!bW6lbiHNAAY3kmNgF5I7ADQBe5WfOG0gaDOfyHF5rUDWoAtjJM-ZS3Ir-jx_tpEfh2DN12KYYY1hJXuD2THsCFDZcHVmAgAAAFRSAAAAAmgBBwoAHSQeRyiztW-MUHXMKGPUZTu4gmx1gO7uDch2t41umQNAake4t9Dqv9_ko6p_HnUfMOi7Pi9aPWygc4Wu2SRKMERsYMZ24v6oCOVSoA4FDxN0U2WgEDLrfd8ohaq1xNu6O_iSTte1wmu2s29gCWo7I5gaUPxOkqblB6rz5tHggKXpcdEYHt9fzYKaHEBcQG7qEs-MmOomN5rFIRaCDQL9-wbMKPFtzrWcgJCI84CeOYv7184JY74_quEwUCXvSzoozeH-FF8PNOqLr1_LTQfHukXOMSJ1EUjTzyIzLx-cHCczBppIPqygx-81lsdNuupHv17Xk-2id8VHwCmpgmNTZDkUipzZUEIdQ3zboUTdWjoND0IJ2SZ39OecghpxDNRjJCDSgOZpU1QeHkXAp0gP2gCRqHTK6MNW525uaC-NtgWR-MTSXEQV3T43TxqqCsng3Wt6S1IzPEDtar0c3u9Ryif9-XW9bXEP8nP39mUfHhCaApwOxZxx16MKT0qdO_lVHWRoqab6oCGHZ8p9RWFtXMzDXiLa-t-tharh1q8z66dcFRKESDYCKeueDw_MpD59chXWMX89ANVlu1rYTHkSRPebFKery95_WZym2fiFCs7MFcKQsI0iewY-1sgFAaRQpxuS9FKLvTS7jSEE5oAIymOmcGtJgLoVsj72IcJisFit9jIcOTByQBpycuJIMUAg2YJh9BI77X4Z3oVygQYkIk04Ad437JdZy0NAl_RKLqzeWLHL_cQP7LPrSFQOufOG1cKrGmgrgFQ5SxouchzQcl96Hecs2rrzM--bgYcvWVAl4Ev6nxxP8_pYh9wOqWxE_x43VWgl3w-8WWEwyB1-n1nbNyEfeQtuejZdvx319REO0ayVyL7LRF4mVLBB1WZDdgbVBZbZl6rnFEEr7hjaBTRaoIrceLyfvN45zr4Ksdd3Tll9cZSapiUWQSk8-ObSSaLk_mJH80xat0gHdh0qodZKKy8l2LWIRVzIuPA_CXmdxAoJES2iHAg8tWo_8tPY8dsCr2J5o0Ta-7CfpdZy8fcgTlFVmmQzPJ2g-eDakJpbu5gsH4zVDqFWhJ_zyxYTX13NNTvLHbirhq5I2ITCdtj0NOcKOKC_NCMjU72oKbP-8g9tmxnbWCe-bR7_b_Mucg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 4F18 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=968190693314162&bg=!ammlaSbNAAY3kmNgF5I7ADQBe5WfOJEcrIgag4r7nSvVCuUCyezsTOY96ewTzyE8jxfZlfSmGBSTIhaVA1kuAQ4AUyLGAgAAAE9SAAAAAWgBB5kDdGXeiGXDHSLLl-wX_S_BLbCro_siCHb0Xm4QLdieXDQtwGW2fzrIf7KDfjrtuo3qvEyKMwELMB055Ol_GMx3raGAq2OhI6OsDNFUmgOAUvsawX-a04YBONPoCveYi-frnDvSsRwuNiXMQ5-cNVkkK7kXFAjQPwNzb4G_iSbcUv7Sd4ocrHUw974f-PfRWN0gAksDObd5m-vlMcVYj8ohM_3A-X6iD7O3JHjCbtW9mZQ8SqROEoFz93LzZzWM7NLVKrnj3clUb-IhHI6Fvykg8gHz4-dcFJs76TEtB3Sq4E-0nsuzWsvLufp4NqCJjX_lXIY-XNAAeivuyIuap6ihZoCs5mEPwTSXIcqpmiG8k1SvbDMdhH-7suzWRpvBkreUDopN_elywzbiISGHJpLT1U5QUtZ7W318C2iWSacqr9YV0tWaXA5tb9VbFiP9O-IBUs3-tgkCP5-3Qcp98ABA_gjDqM10AvETCeEVI35NnOG3n2HXs8bd6hfb47-h8tmFMxabIU19QDIX31EOXisAN1Ps-V3s01dU018H5qX7IXEXfc3W6K2ImNC70RvUA3d-vmtHIRg2KxATpwpxQimghUk6_SvuDJBitQ1oWEGv8FER2nLYh7ml8tq7cfhDSYyJWFXIT5ZACrAU1L_X5uVxI1wg4yGCHG6TbgtUWITNUVd3TqranFo7GvZHrqXEiVlp4YeBTIwM4MqaaEwytWVqJbqZohfilihNaBF0zLYykVIGC2A-_nu36nwP1hnRiEXmMqHX9v8_BtuQ4VYdFsvgA1tG7XOCAxJS1r2RIUAVG1M0RaZapHuUKcHCg5Cf-tyUNAGcGvcTCXhR-WZpRCsXeMdCwo-QAciukEXmk8wy5QL5XBVydlHTSiAZ82Ardiqw3hvIgT__2WoywaTVxLO96J4KN9LYnKFbfMTUqQ1LPDs2QRZ6kEFx5y_z2eTnCv5Vva819SoU_xhurVixZqovdYORy16VhvrD8vajSuprm2j4JDaCtJqeoZkDrLgqvElhy3kJpTugcjKuwPM7kWFaJuhsdi0_ygrnrRIPrxdckT1i2ttrLwK5c1pkpxmR19zJHU0UTcEmIBLJ3LN9tfwtKJEYYfwvPx2hqaQvr6KPcNdavZmq1jny2frYWM4h9EZprHoQYVYQ3iHxE98A31l0gabMss_K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame D3C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2436508085332411&bg=!dnWldTrNAAY3kmNgF5I7ADQBe5WfOKNUbpyEs9qBqw90LOh5Bp-uaZ8gPm6IhP_fcP3crRoXQolsxR1qV1fqalRdmpjPAgAAACxSAAAAAmgBB5kDIouqJkupLgksdNGYaAXchXaV-U7T6P_eX7Ltx7GSQePs6pn6ebB_4Kq-gDVYIjcU37D4SZEL6JvpQl_OXSrY-Bo_va8m2D9lXoi-Q86M7HvQyW0UrLHQh_gbE9xyWA6uBVM7wsLtpl9dCOTvrOKpem8e_YiVQ3NlBmw1A9zFWXFVOQJ44Y_nX2hpal-JNdgyxbkXygUHXu7Jx49WToEOYamqmM2CgUaoTQBAs-bZ6uA1GAfojzuTlkh_TLQWJWxC0e6u05XTEo-2wUzAm7fzDzfpWZzNaUrHTkapZPpW_KE90ytptAoMARKLiUSLis7B2swkq2SKXc8VWH8Crn0iTOkIWnvr5B2bDuUy8d-fUg1oBUCnuDBx5RXPtV1GkOE0oK5qLuHQOgjtRBaODFeJuiOja64A8FJ-LcNdx0aOWvyKHUStUl9ztQD6M5UqaJekAVu5A9nddnACsGvBFl--lCb11Qh2ei8bF89yI2XRZu8nguFNV5Oxdo4oWeLLQZTanIbrtyGSqSFe1-QxnKl8qvYCWKi9ZyDqJVB3tVtmv8oujPO2o8qLLMJF9YtvoPPGbIfhwjX9dTLqBy5lricAgicjKocIvh2v_DouzGcxhjwPW9RfT2W1SzebgUImLjzGZv6Fsr3-O99Qay2VrIPCEb3C4NKfwaB9LXcFT3HtTwBH6y1FjEX9vWZ4MHVk3LffI_c5OOwmjKxZa4IjORd2u0Yc-HF2x9ePjjeNe6NAQ48O6Oi-sa73wcmyA8_vYIlIoTT7FYcLFAmZ-fbDnMzcocfXb7V4Ji-Ua0MauTYXIIZg1QJHVfJscu_ZhBtvCJNJ-QzkupFy0PaIEwrKQLEwoo4Ik5RHMlUrdWPfJueziUwJbE_IHUgdGxxmWvbH6KXEzV2u6Ri1oUyLC-UtyaMpsJHd2OmafrtI0rfnS2BqRXVKtvRS1zgem7djCTxve_HuY-FZLAhoLIw7dGnEmWpgSrqLRJXVKi-sDzDIN-yJRdVdgmjVqwXtQff6GSv9XTYyJYJPAqKX-6LdonOIThBqyTCsyxUysQsAXT1fTI7AuVzFuPw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
tracking-event
api.webgains.io/ Frame 1FDA 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.189.167 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-189-167.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Dec 2023 04:04:08 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.43.189.167 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-43-189-167.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Thu, 14 Dec 2023 04:04:07 GMT
server
nginx

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| FormProxy number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator number| 3pla object| listeningFors

30 Cookies

Domain/Path Name / Value
.ad4m.at/cookie-frame.html Name: userId
Value: 1bcSIhtwQ66givoDNWNChoQWcQ5sxSUq
.xgcartoon.com/ Name: _ga
Value: amp-_QhfgcbSfunWg0-rLyGYyw
.statcounter.com/ Name: is_unique
Value: sc12916097.1702526644.0
.statcounter.com/ Name: is_visitor_unique
Value: 1702526644206171860
.doubleclick.net/ Name: IDE
Value: AHWqTUmLB1vuBMhVLcxAbia7fNqgLmuKroSrMQmX0zt0ez49tGFTBCgNsLl9QUGeAUQ
.adfarm1.adition.com/ Name: UserID1
Value: 7312296265152985232
.ctnsnet.com/ Name: cid_5c542bcc38a54766b4e92c7c6241b994
Value: 1
.ctnsnet.com/ Name: gid_CAESENjtdNhdKoTxcw6bTOre0LI
Value: 1
.w55c.net/ Name: wfivefivec
Value: jQB35MDV1RdCXc5
.3lift.com/ Name: tluid
Value: 2035099314436842485172
.w55c.net/ Name: matchgoogle
Value: 5
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22EEEF9421-6AF5-4704-0C31-20459738B43B%22%7D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZXp_tgAGyoLTewBH
.simpli.fi/ Name: suid
Value: 5B21D9CD3A8541FC9C830CCD27C863AE
.adform.net/ Name: C
Value: 1
.awin1.com/ Name: awpv20044
Value: 412871|1702526647|d3b60650-9a35-11ee-b1a8-22396ad6a5ca
.awin1.com/ Name: awpv14702
Value: 412871|1702526647|d3b62d60-9a35-11ee-9488-2234841a3abe
.awin1.com/ Name: awpv11354
Value: 412871|1702526647|d3b62d60-9a35-11ee-b1a8-22396ad6a5ca
.awin1.com/ Name: AWSESS
Value: 377129:2470185
.doubleclick.net/ Name: APC
Value: AfxxVi5BDBys-AbkkGjiRexiIrZoZyd67IlPOHKJxuwdtO7CIKqccw
.adform.net/ Name: uid
Value: 2738206593316329192
.simptrack.com/ Name: ntm_tps__4011
Value: NNjNyf4Z5qeTN_Adq0oe8zvMPehgyN43scFWgNPNG6XNjMyCj18pmOSZFD7SAtEkIxPQBPf4gcRnXNMFKONTYuepOZTvXFErtFANXPnnzlprEeBV-i5gUxHZfnm5ufxT85AC21k4cGCx5F85TlKzwlyTZRp6GqdX5cspAhEk9-mCR4JAG-d3hsUa5zYR-9eK3G3Clf6WwiSUFIwWSvP3-hk1zw9Y74JnQtAXWNK9Cv1eihfoV5iqoCSh8qWuPnD-M7-0d5QCFdVN3mspCbL1fRxZHHfJTPrEPqx1NBvHYbVtIA12ydt_sHGpxl7G27m97KiHcSPlBD52q5ISRKkkLATdAvmxwt1cDNOWPh1-_hP5JFH83TEOZQ7HiFJZNNNNNNNNNVf4U
.simptrack.com/ Name: v0rur7gqspb3_uid
Value: 33ccbe124ca35415
www.conrad.de/ Name: HTLP_timestamp
Value: 1702526647161
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: cEKPmiM3Jjlsyye3JJTZ.._RrXQjS8xl7qx3R7.vSUA-1702526647-1-ARLDpUv8QG/VrxvU9Bi1Bv4MYW+cgx8g6KR6MLwcAzdlj6qouxG7RNn6WGJKEwhCBhPKwYay+f3oUslY3RGXM3I=
.tribalfusion.com/ Name: ANON_ID
Value: avnt6ZatMPmFUTgUpySVos0q8OO92iBtgMfgMUkVBr63bUkcEXtytBFRKQt48Zc0jym9ZcuVkvJ30TDj4WEcub99K6Fnumr
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTcwMjUyNjY0N3ZsZWExZGUyMDIzMTIxNDA1MDQwNzkxMjg4MzAzMjk5WDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWRra0RhNWYzZmtRMXU0SHdIZXRCdFZWV2ZaU2pUbW1BYTkxWWVvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTc2Nzk
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023121405040791288303299X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTcwMjUyNjY0N3ZsZWExZGUyMDIzMTIxNDA1MDQwNzkxMjg4MzAzMjk5WDExNzY3OVYxMjI2MTMyNzAyT

5 Console Messages

Source Level URL
Text
other warning URL: https://63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

63c146eecbf1a68c1036d14a4747c7f1.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad4m.at
ads.eu.criteo.com
ads.travelaudience.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
c.statcounter.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.ampproject.org
cdn.track.production.webgains.team
cm.g.doubleclick.net
csm.eu.criteo.net
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
eb2.3lift.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
onetag-sys.com
pagead2.googlesyndication.com
partner.o2online.de
pm.w55c.net
prod-rtb.ad4mat.net
pv.medialead.de
region1.google-analytics.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
s.ad.smaato.net
s.tribalfusion.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static-a.xgcartoon.com
static-de.ad4mat.net
static.criteo.net
sync-tm.everesttech.net
tm.simptrack.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
www.awin1.com
www.conrad.de
www.google.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
www.xgcartoon.com
x.bidswitch.net
104.102.45.165
104.20.94.138
13.248.245.213
13.43.189.167
142.250.181.230
142.250.186.34
151.101.194.49
167.233.13.224
169.150.222.217
178.250.1.6
178.250.1.9
18.132.158.37
18.66.147.52
2001:4860:4802:32::36
213.239.196.120
2600:1901:0:76b9::
2600:9000:237d:f200:1b:5138:8a40:93a1
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700:20::ac43:47bf
2606:4700::6810:c0cb
2606:4700::6812:18ad
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:811::2001
2a00:1450:4001:813::2004
2a00:1450:4001:829::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:d::c
2a02:fa8:8806:13::1370
35.186.193.173
35.190.0.66
35.204.158.49
37.157.5.84
5.135.209.100
51.38.120.206
52.58.114.78
52.58.171.137
84.200.5.215
85.114.159.93
91.121.248.44
99.86.4.52
00ec1365c05b2843c4e57ff0b5006e9501b19c4138d7d1286a7d42ab133b0d03
05a284364a64ead151b487483b446008bbc55f6442f2026b733b195130ee866b
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
091138efbcf304cad583ba580cd08983c9341a388532a742123c08958492a42b
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
113ff679141f98d89db362ed4e7a4b73ffb168a5401d01d58bc462076352bc18
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1dd7d0d783eb0e6b335ea80da57d244a2db1e47ff504fc178f3223903d708031
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2174041d00bbafd41ed90df6aab9a136b48e2cb0c649c3dba7c97f4b6abd5b69
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3490264bbead51695d89b3d4ef8ed13f00d54befb361dd06eb4190720cdbe969
384a129e7eafe62f1a1b734f6d265aa9b5c547f6538f0abb414953e5908c7714
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
493f04cb4eff4a465334bf999c0e7c83e0d9325970d435777ecfe392381bc8d2
4d195d1d62ec7d1c662f1ef201ad2a4c07b17a9fef3c66fbf89c918d5f39ece4
4d39f8a26950c324363a729e377c97eabbb3425bfa17c673e24a1e02ca355176
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f363a1fde89c86857bbfb0f8174c72983b73982404bb8785c057ed0825f0ab6
505bbace6a0518fd0c079be01040eddd8dd9beb201c97b85c491ccb902f88a39
5353d24cf0e942eb420979acdcaabeadb14ffe629bcc663a89c03e4d0a53ced1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c673242c0392e8ab1a099e0b7ed03de1dfb7634780d7fb60b1c15ff3df62ba
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5d81eb60292124f68afc068cc4331c922524d09233d311e93d6c3cdd6946869b
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6501ef6afa473d94b041f6d2cd74a0c8ca3d3a7195d01469f7b84dd30abb4776
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6e5cb88fbc8fc34ff22d33431a645baaa710d7cffaefc56f0c930ee2cd4c7d23
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
733f3312d0a6ea385c56131985cad375dd697cfb4a810621a33269e67ea2ede3
7becccca441211d5c6282aa112e67142fb7682de351a102fbbbfa2ad482a49cc
7beeb6281c286c145e96a28de7b33cd5da46186258adf13a9aa7867a49dbdd68
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8a3e8c5c7c8d969a986dfecbcb818e0fd2aa306b7cf5e96c120378ff09043d1d
8aa713ed55b9a5d73cfd2ba3ce2ee84d8e1710ee15af01919094b41b5ad02d4e
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9181ff262efd68e595579c86d71284dfe1a835033f184ced2edf59d93cfa4b24
94aea748a7ee24920e714e2e7f90b23d48298e7a79ae1c666308e020ab157a3f
96af47cd2e46b146642a3340793a344245fd88debb06bd717aeaf1a3fbad8323
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bba29865fe8a21c63352d98a4bb54fba0d0b6dda6cacdb7fae2bbb14be19436
9f303df1186f3dbb7abff9abfa1a39508fc4580949467c88f6f8c41235802096
9ff66b97bd8767ce16889bf15fc6e18e59fb7e60edc88bf9ee41416d3031bd24
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
abe9b0cdb2e8efcac94a3a911c00c5aaf5e8444e74e12e3903f006c471f76377
b170f93a0f60699bb90efeeb218ef113e88a1025522c3a3d2e297f3540d895f1
b40efe7e1d48df782307e2e57fa4d31d937cdbd5b1c5c009e0850a1228e42d6a
bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a
bb5acb4907d481646c90f76b78da6983b84009b3dd4a6fe815fc8af1c49cc40a
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c0354c512fe9ac534670f42761c954a5cb683ae7a1c74b6e93e866113cc76863
c0b26fee0bf4c8a306205ad90be4548cb4732823c4582a8bd8c5ae36930711d0
c22e53e8d9a06a267f2ca232ed75e1f1fd024148b9782c70120cb4535386cc48
c325a77dca399f42a0e0a23e27146de053cfb2e024b2430cdf1eaafaecece43f
c51e2ea94f64fb5b0650a83a42296ecc6f4bf50dc7f03ac5507c586c855503d1
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
c93dd298a227decbcbc5fcc458c787f081db10425e322950458c08e0656384d7
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d179f32a7b2ab66dc8df90dd8efc6afa2b2380fb311dc5a27b8a586898e54516
d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d
d2a666416f4bd544927375cc1fb0465d0519caf439ef9f1c472a6752816de9a4
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52
d8d9bc06ee755238aa8abfb48c4a73889d0756a24b4ef1c6b6b653acdb044321
d936ec43448ad6ab0052192eb00d9d4d37efec2a694e569d93b12e5421b71c30
dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
e024228baa837f910986763351984a16c6e8b8cc33b7432d79566c1836ec418a
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
e0471f27843ee42d45cf9b749a57ec4bbc26dd40f961989ed7cfe4e0f24ea6fe
e13803bc285d72ce8f9fa2dabce7e115a5f9dbfbc54d9cc891460817f01833c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e7a94ec9a2aaaae810ff1acd9bed59541d73cc8dde4b025cb6922d783b442c25
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67
e8decfdbca90823a9fc08c399cc7f568a993e77d31fe7e2ab87aa75276b5cfaa
eae9ea24d2cc7a95384286b3e7036ef30b9a40c3d98702fb6913188f64b713e8
ee223df8ba6d85b498b9811fcfa7d5172b7fa5aa20f18d45bd859ef48894e4d4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f74c10edfad89a0fafff476e586dd20d4d353633265c4571abb2b107370619a5
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd