www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
Submission: On June 30 via api (June 30th 2023, 3:52:05 pm UTC) from US — Scanned from DE

Summary HTTP 265 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 51 IPs in 10 countries across 49 domains to perform 265 HTTP transactions. The main IP is 169.150.222.217, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on September 14th 2022. Valid for: a year.

This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	169.150.222.217 169.150.222.217	60068 (CDN77 ^_^) (CDN77 ^_^)
12	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
5	2606:4700:10:... 2606:4700:10::6816:2e93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
39	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e4:... 2606:4700:e4::ac40:a01f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
23	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
11	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
28	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.93.94.222 54.93.94.222	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2251:e800:3:4706:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:261... 2600:9000:2611:cc00:1b:f040:3600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	154.58.197.185 154.58.197.185	174 (COGENT-174) (COGENT-174)
3	185.29.134.249 185.29.134.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 25	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	52.212.22.41 52.212.22.41	16509 (AMAZON-02) (AMAZON-02)
4 4	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 4	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	35.156.203.47 35.156.203.47	16509 (AMAZON-02) (AMAZON-02)
4	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
12	18.203.209.222 18.203.209.222	16509 (AMAZON-02) (AMAZON-02)
1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.181 213.155.156.181	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	216.52.2.91 216.52.2.91	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 1	2600:9000:205... 2600:9000:2057:6800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
3	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 1	35.186.231.97 35.186.231.97	15169 (GOOGLE) (GOOGLE)
1	13.224.189.110 13.224.189.110	16509 (AMAZON-02) (AMAZON-02)
2	104.102.45.165 104.102.45.165	16625 (AKAMAI-AS) (AKAMAI-AS)
6 6	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
6 6	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
3	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	18.169.71.137 18.169.71.137	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:cb7c:b9e3:cc95:725e	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.147.120 18.66.147.120	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
2	18.168.234.149 18.168.234.149	16509 (AMAZON-02) (AMAZON-02)
265	51

4 169.150.222.217 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com

www.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:2e93 (United States)

ASN13335 (CLOUDFLARENET, US)

static-a.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

972cac153261466e715372c64373158c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:a01f (United States)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.94.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-94-222.eu-central-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:e800:3:4706:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cti.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2611:cc00:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)

ads.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.58.197.185 (Indonesia)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com

t.hspvst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 172.217.16.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.212.22.41 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-22-41.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.18 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.97.41 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.156.203.47 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-203-47.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.203.209.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com

s.update.mediamathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.181 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.52.2.91 (United States) 4 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:6800:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.64.38 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

hal900011.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.231.97 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com

impfr.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-110.fra2.r.cloudfront.net

img.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.134 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 84.200.5.215 (Germany) 6 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.169.71.137 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-71-137.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:cb7c:b9e3:cc95:725e (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.168.234.149 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-234-149.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	googlesyndication.com 972cac153261466e715372c64373158c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com	409 KB
59	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 ad.doubleclick.net — Cisco Umbrella Rank: 184	610 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 30069 ad4m.at — Cisco Umbrella Rank: 9754 assets.ad4m.at — Cisco Umbrella Rank: 41291	847 KB
16	criteo.net static.criteo.net — Cisco Umbrella Rank: 568 csm.eu.criteo.net — Cisco Umbrella Rank: 7838 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 7998	594 KB
13	google.com adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	4 KB
12	mediamathtag.com s.update.mediamathtag.com — Cisco Umbrella Rank: 11782	58 KB
12	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	251 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	504 KB
9	xgcartoon.com www.xgcartoon.com static-a.xgcartoon.com — Cisco Umbrella Rank: 505460	337 KB
7	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 38273 hal900011.redintelligence.net — Cisco Umbrella Rank: 486439	45 KB
5	mathtag.com 1 redirects tags.mathtag.com — Cisco Umbrella Rank: 4796 sync.mathtag.com — Cisco Umbrella Rank: 577 pixel.mathtag.com — Cisco Umbrella Rank: 1185	4 KB
4	medialead.de pv.medialead.de — Cisco Umbrella Rank: 49812	1 KB
4	lijit.com 4 redirects ap.lijit.com — Cisco Umbrella Rank: 782	3 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	2 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1425	896 B
4	3lift.com 4 redirects eb2.3lift.com — Cisco Umbrella Rank: 422	2 KB
4	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 7742 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15453 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 9015 dis.criteo.com — Cisco Umbrella Rank: 608	31 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 20510 api.webgains.io — Cisco Umbrella Rank: 51644	32 KB
3	lead-alliance.net 3 redirects www.lead-alliance.net — Cisco Umbrella Rank: 66404	1 KB
3	telefonica-partner.de 3 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 66204	702 B
3	360yield.com 3 redirects match.360yield.com — Cisco Umbrella Rank: 2409	1 KB
3	w55c.net i.w55c.net — Cisco Umbrella Rank: 2590 cti.w55c.net — Cisco Umbrella Rank: 4192 ads.w55c.net — Cisco Umbrella Rank: 12943	33 KB
3	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 148578 static-de.ad4mat.net — Cisco Umbrella Rank: 192748	4 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 893 s.tribalfusion.com — Cisco Umbrella Rank: 1946	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	133 KB
2	o2online.de partner.o2online.de — Cisco Umbrella Rank: 72402	3 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 16326	1 KB
2	tradedoubler.com 1 redirects impfr.tradedoubler.com — Cisco Umbrella Rank: 108264 img.tradedoubler.com — Cisco Umbrella Rank: 81856	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 338 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481	837 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5037	645 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1067 r.turn.com — Cisco Umbrella Rank: 3947	869 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 374	915 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 59854	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	1 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	265 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 981	715 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 39920	2 KB
1	blau.de partner.blau.de — Cisco Umbrella Rank: 138664	1 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 208307	931 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 977	761 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 862	464 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 822	438 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 982	245 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 44074	610 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 796	540 B
1	hspvst.com t.hspvst.com — Cisco Umbrella Rank: 188023	916 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	247 B
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 19625	3 KB
0	onetag-sys.com Failed onetag-sys.com Failed
265	49

	Domain	Requested by
27	tpc.googlesyndication.com	972cac153261466e715372c64373158c.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com googleads.g.doubleclick.net d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com pagead2.googlesyndication.com
26	securepubads.g.doubleclick.net	cdn.ampproject.org 972cac153261466e715372c64373158c.safeframe.googlesyndication.com www.xgcartoon.com securepubads.g.doubleclick.net www.googletagservices.com
25	cm.g.doubleclick.net	3 redirects a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com googleads.g.doubleclick.net
23	pagead2.googlesyndication.com	972cac153261466e715372c64373158c.safeframe.googlesyndication.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com www.googletagservices.com googleads.g.doubleclick.net
12	assets.ad4m.at	as.ad4m.at
12	s.update.mediamathtag.com	tags.mathtag.com s.update.mediamathtag.com
12	cdn.ampproject.org	www.xgcartoon.com cdn.ampproject.org
11	static.criteo.net	ads.eu.criteo.com
9	www.googletagservices.com	972cac153261466e715372c64373158c.safeframe.googlesyndication.com a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com googleads.g.doubleclick.net d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com as.ad4m.at d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com ad4m.at
8	www.google.com	tpc.googlesyndication.com a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com googleads.g.doubleclick.net d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com
6	ad.doubleclick.net	6 redirects
6	972cac153261466e715372c64373158c.safeframe.googlesyndication.com	cdn.ampproject.org
5	adservice.google.com	cdn.ampproject.org securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	static-a.xgcartoon.com	www.xgcartoon.com
4	pv.medialead.de	hal900011.redintelligence.net as.ad4m.at
4	ap.lijit.com	4 redirects
4	hal9000.redintelligence.net	www.xgcartoon.com hal900011.redintelligence.net
4	x.bidswitch.net	4 redirects
4	sync.teads.tv	2 redirects
4	eb2.3lift.com	4 redirects
4	www.xgcartoon.com	www.xgcartoon.com
3	www.lead-alliance.net	3 redirects
3	www.telefonica-partner.de	3 redirects
3	hal900011.redintelligence.net	hal9000.redintelligence.net googleads.g.doubleclick.net hal900011.redintelligence.net
3	match.360yield.com	3 redirects
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	imageproxy.eu.criteo.net	ads.eu.criteo.com
2	api.webgains.io	analytics.webgains.io
2	www.googletagmanager.com	adv.office-partner.de www.googletagmanager.com
2	partner.o2online.de	as.ad4m.at
2	www.awin1.com	as.ad4m.at
2	d5p.de17a.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	prod-rtb.ad4mat.net	www.xgcartoon.com
2	d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	fonts.googleapis.com	hal900011.redintelligence.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	track.webgains.com	googleads.g.doubleclick.net
1	partner.blau.de	as.ad4m.at
1	img.tradedoubler.com	googleads.g.doubleclick.net
1	impfr.tradedoubler.com	1 redirects
1	adv.office-partner.de	hal900011.redintelligence.net
1	static-de.ad4mat.net	as.ad4m.at
1	ups.analytics.yahoo.com	fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
1	dis.criteo.com	fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
1	p.rfihub.com	1 redirects
1	cms.quantserve.com	fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
1	s.ad.smaato.net	1 redirects
1	rtb.openx.net	d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	pixel.mathtag.com	tags.mathtag.com
1	sync-tm.everesttech.net	1 redirects
1	sync.mathtag.com	1 redirects
1	t.hspvst.com	fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
1	ads.w55c.net	fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
1	cti.w55c.net	fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
1	i.w55c.net	www.xgcartoon.com
1	cat.fr3.eu.criteo.com	ads.eu.criteo.com
1	rtb.fr3.eu.criteo.com	972cac153261466e715372c64373158c.safeframe.googlesyndication.com
1	ads.eu.criteo.com	972cac153261466e715372c64373158c.safeframe.googlesyndication.com
1	www.google-analytics.com	cdn.ampproject.org
1	amp.analytics-debugger.com	cdn.ampproject.org
0	onetag-sys.com Failed	fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
265	77

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com

Subject Issuer	Validity	Valid
*.xgcartoon.com AlphaSSL CA - SHA256 - G2	`2022-09-14` - `2023-10-16`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
xgcartoon.com GTS CA 1P5	`2023-05-23` - `2023-08-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
analytics-debugger.com GTS CA 1P5	`2023-05-20` - `2023-08-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-13` - `2023-08-10`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-03` - `2023-08-27`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-07` - `2023-08-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-06-04` - `2023-09-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.w55c.net Amazon RSA 2048 M02	`2023-05-30` - `2024-06-27`	a year	crt.sh
*.hspvst.com Gandi Standard SSL CA 2	`2022-12-12` - `2023-12-09`	a year	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
redintelligence.net R3	`2023-06-09` - `2023-09-07`	3 months	crt.sh
update.mediamathtag.com R3	`2023-06-19` - `2023-09-17`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
pv.medialead.de R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
adv.office-partner.de R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh

This page contains 36 frames:

Primary Page: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
Frame ID: 2C62CA64C9443C224CA0CD19788EBE46
Requests: 38 HTTP requests in this frame

Frame: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: A49EB5BBA2DDC5F655AEC78EC5E2419A
Requests: 9 HTTP requests in this frame

Frame: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 1D60FF0A81FB8F24EDF84B26397EEF9A
Requests: 11 HTTP requests in this frame

Frame: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 68EBC7A1DDA52D6BD1F4F8F7E5559511
Requests: 12 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZJ76HQAIQVQIEf9ZAAqkt5a1q0jiueAsF5jm7g&u=%7CKUE2TS9XEk1ZtJgnNb%2FYT%2FY6RB6QAvkTnh3RZupusb0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-WYBETCqLzgI7qAwBaN6Gwh4Cs6sW4q8wipphXa-vivu_Jr4cry5Nm41ngGDZJMN0rFDDDlTu8pTbMFNt12e4FI6V7zEGtBriapGeAawlpxRWxOL57nnrV7ZLYx6fHsPetlfgRvPCVfCA9wz0X0SUiBcE3uYNHZJNasF-BZxMbSEkQFDHv8czFOQdJIlOLGqxY3VTVIjiWQ2u0BJXg_FM-PGRbSRhfeDtcDwvCUG9nnqJdA7ifLjin3Xu3CDPro_GxsJb4rsCIEqNKfPcCY6_Rsga97tRbaCNJrcRSJxsuR0Iw8Rc61Vx4EHx6mwmwsxrhbmHT04b-upl77kIMoBk-N09fZYcrjSysj2ewiuA22MTWu3Rl2V-Ke5_tXFWcOaQstJRu_Z0DSmOKyGoo3JMU3kOKt0xz0RjWaoTPoRmAmo6Ot3RUG1XwpkF8QOQvSkxW4gs4ys8U_f1cb4BnOFbPZwdwPKjI1gpuBZiKT7rFRLRASPi4Q1pfJG7GJ6sS2K9Bak4ZIYNqw9zKTvIj9-fNNaTyDVCEX6aLPI5iYuchyIRTXPkmqVoJQeht8mhiqKiyYjljFy1e3hDpaHmu7S5T-E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTmmvHfqeZNSCIdn-x_APt8mq8AvJntKxXNWdkfdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgpl964YNbI-4AIAqAMByAMCqgS_Ak_Qn-x11M_BgQa71-S4scd4oDV4lwc_qBdYHIHwikNOF2ETXednbVLBv2IUJPx0UrIUWvccC1r70p9kSshgTfoxjQiMIsVZcUWlQGGkxZrZhx7FPU8ot_qcmsmbgKOG5oDnrbQBKiMutPmnU8VX5VgMR0Bv3SFWnhWfwGpPQM7EVveJzVPM-hbvo7FmyxhJjxbrIdHMLpvuHsEzHKLAAuO53ZSujB_VMgKdMAnnH6AaOG5AbEwqYQcYXyeSxXpDxkz8kWOSTpp5LJCdmzpn-TwCICciGlHhSMzCwJUAQ_jVEeFEYvV3bO5Z6JJotNbt39_KhzoHoQmBQLOy0oRMq2kmKBvakXThcc-kflukd0tQkpoE9FWHrR8u9lzEcvk0Inqf6L3Q5sOtbUZKLdjj5LpIiPoeSPh5QODwRnOtn2fgBAGABvLhtpPF06HNfqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_37Ys9QP69CU-WYz9wQS_0Zmzjifg%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 3CDAB0FF15EDF3D1CCFD41FA6336DFC7
Requests: 18 HTTP requests in this frame

Frame: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 747E0FB278A2878BF6AEDABF79F472D3
Requests: 11 HTTP requests in this frame

Frame: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: C99896AAEBA2FB0B53D5C13E6B1EDE5B
Requests: 12 HTTP requests in this frame

Frame: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3E788754E814C7984CE72C94753E6228
Requests: 1 HTTP requests in this frame

Frame: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: DBA6BCCF71F2E2241A65907C43AED446
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=354510378&adf=816031632&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688140318784&bpp=10&bdt=181&idt=192&shv=r20230627&mjsv=m202306220101&ptt=5&saldr=sa&is_amp=1&correlator=2475&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1574007881&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31075623%2C31075643%2C42531706%2C44788441&oid=2&pvsid=402142884144516&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mluxl5tghi2l&fsb=1&dtd=204
Frame ID: 47F828D30A5E5972D14063830DFDCFFD
Requests: 32 HTTP requests in this frame

Frame: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0B7C6921A2B9100AED9D1A4610718F3C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3D765491777C7154266EEF4F9FBCBE3F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 82FEE7DCFB285841B98DFFB75F882D5E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A03794F3D5A4BE459CCC49DEBC78C4DD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81E96E185922540059D46B15CD4404FD
Requests: 2 HTTP requests in this frame

Frame: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 075C8521BFCC5E4CF79EA0970ECD4B58
Requests: 8 HTTP requests in this frame

Frame: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 8F1E395A2182A2FDA62BD053964D1E9E
Requests: 12 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hkrnn6e0etd8pdf34retfawjv9xm9ecmav5vg94zsw1tqykt4kkbn9njyct8srdb01m1tpa8ewh9qa5sr0qnk1b47e6jtardk51w3ezcva1h0e3h2zgj39b9jvf7w75wm778ws053236ztpz9htdatvyj42qe8jhdcsccwq0zrza7zkc6vdyqqbt41p0kt3b7nrtwg563mmm8agfsc1tnnyeexh451q2vph8m2g9qgs017b6fny43npndxxt56n09vbqwgntyez13etfy5c8x4gk00yygy7xdzxt25qa4t878phaa17cdzspvkqeaw4nvn7fmwhfjtnfm5f0920znc7t9tmsv9pztvprnzcsyrqr44rg0f8pyjfv13cxganj7c52crnrz4qxmkd9r0g07h0z2ty2fvpyyywcdrg0yhpygw5z7v0fx48pyydgvcmdcwr88j1gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 3561EB05383D1B317DCA8DA703FDB1F7
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C08220606A8AC13BD3C6C15B071A6786
Requests: 9 HTTP requests in this frame

Frame: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: A17033470703D5983B8FEF8FD390D2D5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A5124EB24C3A6F1C2CD5D909FE375687
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ECF7504F3DB556B00A3A539CCA3A3EDA
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jrdp73bm3mns93cqw4s4rfpbp6pd6xn0q898x0y7098js8d1zpxmw581asbgf53t26eqxpk3eskp350szyfmv0b0bsm7jpb4f4xsq0nya19zghfh71qr0kbbwcrtqmq6qbg0e6ce8y04gy8g5bxypxbacvrvrrff35y8r79js5avtfms2vtd3n3ms7ytmj9bh5xtdkstazt2zpjxwebg341xnvwwyxaskx7cm82161h67wtgps11gay8y45k0we0fvfk6tsz56kzpsyx2pj37bnckc3d1msfhgzdktdzxavvg66661eqkdnztb66j748t6hkcpe0gbm073s241vxmrwqx36nw7wb2fynjkdv20jmqwkrg1k0f1t9j6z8dhvny42md3a5v2cyk07a08erhq6hvsbppvhwbzxj9y1ywrwp86441mbp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 39BE7AF8D8D16D4B8644F37BBF969864
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3781A715206A33D905628EF0269A1E5C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8F85A2AC6142D12567ED63E2740E016E
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 96F6FDC417C250B2D272C0F686ABD0F9
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5F54BC39F7EB3B6A19C6C4914240F0D5
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=600&e=&g=32a6afe3f4b1bd545d636813b36dc454%2F13036054467318027047&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1688140319590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k4tvmdn6hb18gdjv7e8hbbacgpa90j0s30sbj8x8va2k50j24v1bn6n9q5257zht4bnbbm2cabtb0mqq7e0nqzecd7e74d9sat9qg7pbcjy6csw9xwpk0bq28cc5fq6784zcq8r7jefe6p68gvrtmgr8nc2g50hgz0am0hvgb0tzgf1t3z760s54s8cpj8g85wp6ggmr6r6354ptmjpcbv6g8wz8mcf676qjm5t5em12ha6pfzk32m55m57xtfcvsfvzk83zhg699yzpfrkh1b6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: FE1B5046493D080FFA2A430BFC0585DC
Requests: 11 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=41322400097839900951393012371011&t=htlp&gdpr=1&consent=1&gdpr_consent=li
Frame ID: 2D5284C894EF260557B25BCF56D791E9
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 02F009E9F1302089F92D7D6CF44B81A7
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C117569&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=120&d=600&e=&g=cec007dfa414ff6fe22407247645e766%2F4285040248829333530&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1688140319618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmnmyma0p1hrrcxtdx0rt6bgs0bpmt7dymyx7rhjtpyfseyk1n7znsjf95d6nszqbjykbv49203zf06150bb61d9rf02t42c98h6xs2649pb2ak1n796gdbnx8w6s6rxr22yyjdcw0ry46zn6wbhhvhx0m74m1t311rjffmedtxxp8dny3aeykp2bptdwzbdms6q1km3ayfsm9dhp0d48g7k9bwyqqxx445vw57ta2fvgcn2555nj0pjehqhf8dhdd0sa8ns2ykswqwmd2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 0AA60C046AC4A095D6F3B941D41B2A8E
Requests: 11 HTTP requests in this frame

Frame: https://hal900011.redintelligence.net/request_content.php?s=41322400097839900951393012371011&a=9a2d3341
Frame ID: D9305F9BA68F9A18B7DEE85536C79E36
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 60E5C9D399DD74AA72ABE06C3A775549
Requests: 9 HTTP requests in this frame

Frame: blob://https://googleads.g.doubleclick.net/19e0375a-c287-48e2-b0ce-3f6858912c7a
Frame ID: BB8A5CF8809F10356EF2A681B8DAA3C5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AE0F170EF297092A7C838ACE950F71A6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E3499041A1A8283A841F10C0EE518CB5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🍚修真聊天羣動態漫畫第1季免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Zepto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

zepto.*\.js

Page Statistics

265
Requests

89 %
HTTPS

44 %
IPv6

49
Domains

77
Subdomains

51
IPs

10
Countries

3913 kB
Transfer

8537 kB
Size

39
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cn.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
Title: 简

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 143

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOEwZ7tdXbtZVG6qTErxyZ4&google_cver=1&google_push=AaAOQGGeaU4THapvXzynC5i8BfUSBjA_B5ExY57jUGg1Rw9aNU46OUH_AExzhZA0VpGHsK9Pf-JGDEBbn_gLFQ5vgWtOsry73A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGeaU4THapvXzynC5i8BfUSBjA_B5ExY57jUGg1Rw9aNU46OUH_AExzhZA0VpGHsK9Pf-JGDEBbn_gLFQ5vgWtOsry73A

Request Chain 144

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHkjiJf3bpN0QHkO3eds8cI&google_cver=1&google_push=AaAOQGHv4AwbCw5EHy5FZUkcSyW8ciGWAi2Tx_df0w1whs8w-cAMuLCtCEx07_fLITtSgn1F53TnEyt9QRhOy1s17JlVrJgYRgI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHkjiJf3bpN0QHkO3eds8cI&google_push=AaAOQGHv4AwbCw5EHy5FZUkcSyW8ciGWAi2Tx_df0w1whs8w-cAMuLCtCEx07_fLITtSgn1F53TnEyt9QRhOy1s17JlVrJgYRgI

Request Chain 145

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIQJTPBMjWf8p34FDbKgwhQ&google_cver=1&google_push=AaAOQGHeUCfvP15p2AYSp6Uaqt5rsJ9QOMWnmeyyzkqtRTEE2wdjpKbPWMxcEKMVxfWUwGemN1AdD8YpVDz45hVr2L_Dp9rA7Xw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpJUjVRWVAtMy1NRE83&google_push=AaAOQGHeUCfvP15p2AYSp6Uaqt5rsJ9QOMWnmeyyzkqtRTEE2wdjpKbPWMxcEKMVxfWUwGemN1AdD8YpVDz45hVr2L_Dp9rA7Xw

Request Chain 146

https://match.360yield.com/match/ebda?google_gid=CAESEBo0-xaD2gGCP8SoKhofw4I&google_cver=1&google_push=AaAOQGGPFRMSZNd2gwDqvMLCmr6S_nw1JanW_2S8IhiyaubbEwjPIVMCiTR-6XiYBqdFBM8moXgRv1QPvTB_SsDXHqGD3pG0nQ HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBo0-xaD2gGCP8SoKhofw4I&google_cver=1&google_push=AaAOQGGPFRMSZNd2gwDqvMLCmr6S_nw1JanW_2S8IhiyaubbEwjPIVMCiTR-6XiYBqdFBM8moXgRv1QPvTB_SsDXHqGD3pG0nQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mF4eF1qLQ7KL0bipnEAqTQ&google_push=AaAOQGGPFRMSZNd2gwDqvMLCmr6S_nw1JanW_2S8IhiyaubbEwjPIVMCiTR-6XiYBqdFBM8moXgRv1QPvTB_SsDXHqGD3pG0nQ

Request Chain 147

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDDQOF8J4MQEE_Bws2nM6LA&google_cver=1&google_push=AaAOQGEtpv3fUtGr5PDcuXNuF0KuG9IqjHqiKTh7nTvnp4Q5A1g7upgFsMsbpXPovuyDp1piLBOy8GfX4_53kg-ok6USEyO4_ME HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGEtpv3fUtGr5PDcuXNuF0KuG9IqjHqiKTh7nTvnp4Q5A1g7upgFsMsbpXPovuyDp1piLBOy8GfX4_53kg-ok6USEyO4_ME&google_gid=CAESEDDQOF8J4MQEE_Bws2nM6LA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MTQxMTI3MTkxMTM5NjMyMDcxOA%3D%3D&google_push=AaAOQGEtpv3fUtGr5PDcuXNuF0KuG9IqjHqiKTh7nTvnp4Q5A1g7upgFsMsbpXPovuyDp1piLBOy8GfX4_53kg-ok6USEyO4_ME

Request Chain 148

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOMZTSdyBDYEOWROY2V2eaI&google_cver=1&google_push=AaAOQGEG6priY-r1zxD0GryV__SRsp4gXhr8VgFb8ys9Ga5y2Ml55W63h7CuOtgqXQFdAlUlGLdkq7FYyieKKSk-qUYxUdXiTe9k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGEG6priY-r1zxD0GryV__SRsp4gXhr8VgFb8ys9Ga5y2Ml55W63h7CuOtgqXQFdAlUlGLdkq7FYyieKKSk-qUYxUdXiTe9k HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 149

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECsxN0cCkeWQ9ge4EQij8-U&google_cver=1&google_push=AaAOQGE8zoXxH6YEH3HILnJhegHm7Bsh18qGylLfRAmJp8T4a0PjJb0csXiRA3XHvikC4qNp7_2dcPLaqniLWUS_GpJUGpGR4JtM HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECsxN0cCkeWQ9ge4EQij8-U&google_cver=1&google_push=AaAOQGE8zoXxH6YEH3HILnJhegHm7Bsh18qGylLfRAmJp8T4a0PjJb0csXiRA3XHvikC4qNp7_2dcPLaqniLWUS_GpJUGpGR4JtM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=501c070f-4ec7-4800-92c6-d23e8a9c9459&%%GOOGLE_PUSH_PAIR%%

Request Chain 174

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPtbkbsYJDmKulPwgH0vToE&google_cver=1&google_push=AaAOQGFc7Be_Xqbir4AyieJ48KeNfRdB3PbE-iR55zaKr3lP1FG_EMTw0dqUPpulXL8-bdUSBV9k8gvQ-KCxZEXG9WHCKSVGG4ek HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk4OTE5NjY0MzkxNzA2MzA1NQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPtbkbsYJDmKulPwgH0vToE&google_cver=1

Request Chain 175

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENl3kINV0NV7TUDf2CO6_l4&google_cver=1&google_push=AaAOQGH8x3NBPrbxNI9Wzg4X6vNWJqztY-c89DeQSGo4OmYelngyM1LxN7GTcNCSmDG4Xr0xFX8tQGRELPfc_8M0PVjrHs0XxLs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGH8x3NBPrbxNI9Wzg4X6vNWJqztY-c89DeQSGo4OmYelngyM1LxN7GTcNCSmDG4Xr0xFX8tQGRELPfc_8M0PVjrHs0XxLs&google_hm=AZZW409yQMmlQ1YW9w8L8oI

Request Chain 176

https://d5p.de17a.com/cookies/google?google_gid=CAESELHXfIfjCi5MCIiYcEvf80I&google_cver=1&google_push=AaAOQGFu6Hpn5gaVupX8qE0VdvpV5qw6HhQOWZYsZ3CWMQn7ccBGLSeuhXhED32cTu42c8lpCVnge2_DBHUrwjKdRt9_5zYsVzE HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESELHXfIfjCi5MCIiYcEvf80I&google_cver=1&google_push=AaAOQGFu6Hpn5gaVupX8qE0VdvpV5qw6HhQOWZYsZ3CWMQn7ccBGLSeuhXhED32cTu42c8lpCVnge2_DBHUrwjKdRt9_5zYsVzE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFu6Hpn5gaVupX8qE0VdvpV5qw6HhQOWZYsZ3CWMQn7ccBGLSeuhXhED32cTu42c8lpCVnge2_DBHUrwjKdRt9_5zYsVzE

Request Chain 178

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMOsYBIwvH6tqSwiQfmlz3w&google_cver=1&google_push=AaAOQGEI2r-QGK_v2QDumco57e6JztuCnWiHzsDHFqCcznddDuKkoDKqSa11xZGW63sDzECbjXFiQHs0KbZVVsed4dKNNxVweqc HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMOsYBIwvH6tqSwiQfmlz3w&google_cver=1&google_push=AaAOQGEI2r-QGK_v2QDumco57e6JztuCnWiHzsDHFqCcznddDuKkoDKqSa11xZGW63sDzECbjXFiQHs0KbZVVsed4dKNNxVweqc&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGEI2r-QGK_v2QDumco57e6JztuCnWiHzsDHFqCcznddDuKkoDKqSa11xZGW63sDzECbjXFiQHs0KbZVVsed4dKNNxVweqc&google_hm=G5y3pGZHFHnuOE_-RU2c2nKN

Request Chain 179

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKMnB42EXNXkdgFLM3KlLAE&google_cver=1&google_push=AaAOQGHOzjXtoV14i8_uYZghXS8uP_V0mtXCbJ2Azi5fDBQsLN-BBBsxwLN2sNb8B7BwzYai-gVN0sT16LcXLT95XOp3Vl4891Gz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGHOzjXtoV14i8_uYZghXS8uP_V0mtXCbJ2Azi5fDBQsLN-BBBsxwLN2sNb8B7BwzYai-gVN0sT16LcXLT95XOp3Vl4891Gz

Request Chain 180

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDDQOF8J4MQEE_Bws2nM6LA&google_cver=1&google_push=AaAOQGFodatCpiK0Y3Ayq5_rm8vdIO_cdYOa-bsqPjxcEfv7c1GCwHCvC1mJuSLnr6tILW8UHCBobN9q63LGTJ1SC-Pdhzmyv04Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MTQxMTI3MTkxMTM5NjMyMDcxOA%3D%3D&google_push=AaAOQGFodatCpiK0Y3Ayq5_rm8vdIO_cdYOa-bsqPjxcEfv7c1GCwHCvC1mJuSLnr6tILW8UHCBobN9q63LGTJ1SC-Pdhzmyv04Q

Request Chain 183

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEkonzTzeHgMB2Ce1h5m_7s&google_cver=1&google_push=AaAOQGHMnIXR634tTcWZWoda3rzxrTgXVmsossIUXNcPzIIpsLZC4Pkf6LQRhcM_q6nCgAXi_fTo2Y8jLM0hdH2r-RFyzjRn3YhZ HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084925904550566&expires=30&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGHMnIXR634tTcWZWoda3rzxrTgXVmsossIUXNcPzIIpsLZC4Pkf6LQRhcM_q6nCgAXi_fTo2Y8jLM0hdH2r-RFyzjRn3YhZ&google_hm=UBwHD07HSACSxtI-ipyUWQ==

Request Chain 185

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMOsYBIwvH6tqSwiQfmlz3w&google_cver=1&google_push=AaAOQGHQZOngZd-OL3molkp-a5KwAR5eZbkzcvXtCL-Vpoxl6aGzXSANo2_I1nqVy8lmmqL3CwVi-UKj4gYGaWSV60a72jOfnACm HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMOsYBIwvH6tqSwiQfmlz3w&google_cver=1&google_push=AaAOQGHQZOngZd-OL3molkp-a5KwAR5eZbkzcvXtCL-Vpoxl6aGzXSANo2_I1nqVy8lmmqL3CwVi-UKj4gYGaWSV60a72jOfnACm&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGHQZOngZd-OL3molkp-a5KwAR5eZbkzcvXtCL-Vpoxl6aGzXSANo2_I1nqVy8lmmqL3CwVi-UKj4gYGaWSV60a72jOfnACm&google_hm=G5y3pGZHFHnuOE_-RU2c2nKN

Request Chain 188

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOMZTSdyBDYEOWROY2V2eaI&google_cver=1&google_push=AaAOQGEGOMmL3HtzPeYHlVLH7hZXWTtmuy_r4cW9VaN4TTP62lr4sDe1h-kEjdsCoDU6n4uGscpn-TplsLz8LO4zi9wPWHOlyZkY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGEGOMmL3HtzPeYHlVLH7hZXWTtmuy_r4cW9VaN4TTP62lr4sDe1h-kEjdsCoDU6n4uGscpn-TplsLz8LO4zi9wPWHOlyZkY HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 206

https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(41322400097839900951393012371011)038191239 HTTP 302
https://img.tradedoubler.com/images/inv.gif

Request Chain 214

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3DviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CObT2-Cs6_8CFc3huwgdp84JmQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3DviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023063017515986382739463X117703V1226132702MSviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023063017515986382739463X117703V1226132702MSviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117703&partnerid=12218

Request Chain 221

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLzV2-Cs6_8CFS-GgwcdfEsLyA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023063017515986382739467X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023063017515986382739467X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218

Request Chain 224

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CI_X2-Cs6_8CFYzhuwgdFVQPxw;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023063017515986382739465X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0

Request Chain 236

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMLEZ4QwIwMrWhlHLcmU-Ao&google_cver=1&google_push=AaAOQGH_JhX0resq_003qt43VLRDN-vjeEiXHzxXD3hicww92uLmcIicwFS2CyRBKLqySZf61hamp5A76HUvn_sC0JvQTybz1to&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGH_JhX0resq_003qt43VLRDN-vjeEiXHzxXD3hicww92uLmcIicwFS2CyRBKLqySZf61hamp5A76HUvn_sC0JvQTybz1to%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMLEZ4QwIwMrWhlHLcmU-Ao&google_cver=1&google_push=AaAOQGH_JhX0resq_003qt43VLRDN-vjeEiXHzxXD3hicww92uLmcIicwFS2CyRBKLqySZf61hamp5A76HUvn_sC0JvQTybz1to&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGH_JhX0resq_003qt43VLRDN-vjeEiXHzxXD3hicww92uLmcIicwFS2CyRBKLqySZf61hamp5A76HUvn_sC0JvQTybz1to%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 237

https://um.simpli.fi/gp_match?google_gid=CAESEMMVUM9OWSjlO28jBeetlBA&google_cver=1&google_push=AaAOQGGOSoE-NbE8WeF6OsY3uhSB5DJZJAD6lUqHE15L0mXAub-cr5fxE4ADmmgk_87Psi5XGd5BXRG2Gi_FHDf_yrWVYpEZYSo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=891AC26B68B24EEC89E85213AD65CD96&google_push=AaAOQGGOSoE-NbE8WeF6OsY3uhSB5DJZJAD6lUqHE15L0mXAub-cr5fxE4ADmmgk_87Psi5XGd5BXRG2Gi_FHDf_yrWVYpEZYSo

Request Chain 239

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHMps6oVj6Nz8h93nIItHyc&google_cver=1&google_push=AaAOQGFVR-T0-9dOFqxLzcaOqK05ZvyMKWvTfPr5xx2PQ3pZbSCtFf0XVtnohsOGwvjsz5HCsXaHt8NlEtMCuEok62cSRS0ZCyc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFVR-T0-9dOFqxLzcaOqK05ZvyMKWvTfPr5xx2PQ3pZbSCtFf0XVtnohsOGwvjsz5HCsXaHt8NlEtMCuEok62cSRS0ZCyc&google_hm=eS02cm4xLkRaRTJwR0tHbHJvWURLNEZiYmF3TEppNXhXSX5B

Request Chain 240

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIQJTPBMjWf8p34FDbKgwhQ&google_cver=1&google_push=AaAOQGHhYtlNmgSfFEg7CHubnsoRw_YB7hsS7pM4FR8XinUeUBiHGi2ayqVytalvjbt3gYK4kFKFaLE8Fi4tVcQ90-Fp23i4Lw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpJUjVSQVMtMUwtTUI3WA==&google_push=AaAOQGHhYtlNmgSfFEg7CHubnsoRw_YB7hsS7pM4FR8XinUeUBiHGi2ayqVytalvjbt3gYK4kFKFaLE8Fi4tVcQ90-Fp23i4Lw

Request Chain 241

https://match.360yield.com/match/ebda?google_gid=CAESEBo0-xaD2gGCP8SoKhofw4I&google_cver=1&google_push=AaAOQGELvm3DRXbt3wsr_3oADeJowRS9qUz6jbm7pkG_cdG3_2gZPXmBEvnBe6BIB54UPHcsBUS5cZY85P5qqwYdnzT9LTDXx94 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mF4eF1qLQ7KL0bipnEAqTQ&google_push=AaAOQGELvm3DRXbt3wsr_3oADeJowRS9qUz6jbm7pkG_cdG3_2gZPXmBEvnBe6BIB54UPHcsBUS5cZY85P5qqwYdnzT9LTDXx94

Request Chain 242

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDDQOF8J4MQEE_Bws2nM6LA&google_cver=1&google_push=AaAOQGGVB_Wrh3CgFq-UaCMX0pQRyI3C88BuzmenRB5Tqgg1REcve8cxpF7jQMSZctIOJgoVaJPlNq0S-8ZrPvFPKUrSqZ-XX0s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MTQxMTI3MTkxMTM5NjMyMDcxOA%3D%3D&google_push=AaAOQGGVB_Wrh3CgFq-UaCMX0pQRyI3C88BuzmenRB5Tqgg1REcve8cxpF7jQMSZctIOJgoVaJPlNq0S-8ZrPvFPKUrSqZ-XX0s

265 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo Show response
www.xgcartoon.com/detail/ 82 KB
18 KB 904ms
446ms Document
text/html 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a0c98090bc59b7f75a441d10e9f2505881fbd43cbf95d7a29162dfcab0eb0d9c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 30 Jun 2023 15:51:56 GMT
etag: "1490a-h7IxzyBFa5T/rg4Oc5SJK8T6yZo"
expires: Fri, 30 Jun 2023 15:52:56 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 124ms
64ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fac65eae91e538682a3d665f71f914b4c23f75d63e108f39bbfedae2d4c18bc9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 15:51:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72777
x-xss-protection: 0
server: sffe
etag: "6a41d305aa203423"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Jun 2023 15:51:57 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
24 KB 109ms
49ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dad6b1d729275da998ffe9046246aed006e6e1279f708d2f42f39cc5e087c9de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 15:51:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23138
x-xss-protection: 0
server: sffe
etag: "b74a072d99473e43"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Jun 2023 15:51:57 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
9 KB 114ms
58ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1423e91d213723c449145f5a7f0bafe65564a10f9bc64cd7cf1842fd5790b34e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 15:51:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9437
x-xss-protection: 0
server: sffe
etag: "0aebd347139a27dc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Jun 2023 15:51:57 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
15 KB 127ms
71ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc2e30d6ee1537ae5c0ea15220a262be4dc5e4ea425bc8be4289a92565240f89

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 15:51:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14985
x-xss-protection: 0
server: sffe
etag: "7e84de54a93787d1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Jun 2023 15:51:57 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
15 KB 131ms
76ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

261e9e2e8ce0bbc8034e0e3faab774335cdf97227f541eab88ce7fd7bfed3edf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 15:51:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15373
x-xss-protection: 0
server: sffe
etag: "b9cc48d2d8a65dc6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Jun 2023 15:51:57 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 134ms
78ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38ce9bff6b26eedf082d642de5ffa5126d8c4a41f328acf258583c6e2c168358

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 15:51:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4774
x-xss-protection: 0
server: sffe
etag: "b7b4621fe28746a2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Jun 2023 15:51:57 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02efaa0a75ba4e31a44f968b5dd3ab5a37217a996e6d300b0a9de67ee37982ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 15:51:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10354
x-xss-protection: 0
server: sffe
etag: "6d8538ff87cf33c6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Jun 2023 15:51:57 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
31 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8309a4ac613362e890e4e818e5324efd8e2cd4184d29ff180a35ae42f9b67b3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 15:51:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32043
x-xss-protection: 0
server: sffe
etag: "e1e90853d30957fd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Jun 2023 15:51:57 GMT

GET
H2 200 logo.png
www.xgcartoon.com/img/ 13 KB
13 KB 233ms
232ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/logo.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:57 GMT
last-modified: Sun, 28 Aug 2022 14:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"3473-182e4ca3706"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 13427
expires: Fri, 30 Jun 2023 15:54:57 GMT

GET
H2 200 xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo.jpg
static-a.xgcartoon.com/cover/ 134 KB
135 KB 788ms
755ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo.jpg?w=230&h=280&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41badc7f67b4ba72b06026132832e30ec818d234345fea7ecc04728d0a266442

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Jan 2023 03:46:15 GMT
server: cloudflare
etag: "6767AAD311BC5EB697C1002355E2D0E5"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 7df792d77c0a9b2b-FRA
content-length: 137677
expires: Mon, 03 Jul 2023 02:32:31 GMT

GET
H2 200 play.png
www.xgcartoon.com/img/ 470 B
668 B 235ms
235ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/play.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:57 GMT
last-modified: Wed, 17 Aug 2022 11:09:20 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1d6-182ab7e5700"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 470
expires: Fri, 30 Jun 2023 15:54:57 GMT

GET
H2 200 star.png
www.xgcartoon.com/img/ 424 B
622 B 1034ms
1034ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/star.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
last-modified: Wed, 17 Aug 2022 11:09:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1a8-182ab7e37c0"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 424
expires: Fri, 30 Jun 2023 15:54:58 GMT

GET
H2 200 xiangyaochengweiyingzhishilizheriyu-fengzedajie.jpg
static-a.xgcartoon.com/cover/ 9 KB
9 KB 807ms
774ms Image
image/jpeg 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/xiangyaochengweiyingzhishilizheriyu-fengzedajie.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54ecc52e1cbb695afd0f56486faa5a7e11a94fb32aa4690163efdbc2d3a770db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sun, 30 Oct 2022 02:21:41 GMT
server: cloudflare
etag: "8435D25208A93B34671096DED80CBB00"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 7df792d77c0d9b2b-FRA
content-length: 9317
expires: Sat, 01 Jul 2023 12:50:24 GMT

GET
H2 200 zhongshengzhidoushixiuxian_dongtaimanhua-shilijianshen.jpg
static-a.xgcartoon.com/cover/ 71 KB
71 KB 793ms
760ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/zhongshengzhidoushixiuxian_dongtaimanhua-shilijianshen.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52e62c9d207e90a0ed18f425f85558336bfac1ac7b4d54004874b8bbe87efb13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
cf-cache-status: HIT
last-modified: Wed, 21 Dec 2022 03:05:16 GMT
server: cloudflare
etag: "0EFD2B6B8E1CCA66B469EDB2F4F01305"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 7df792d77c0f9b2b-FRA
content-length: 72536
expires: Sat, 01 Jul 2023 13:28:34 GMT

GET
H2 200 fanrenxiuxianchuan_tebiepianguoyu-kelamayijinsetianshengchuanmeiyouxiangongsizhizuo.jpg
static-a.xgcartoon.com/cover/ 78 KB
78 KB 50ms
18ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/fanrenxiuxianchuan_tebiepianguoyu-kelamayijinsetianshengchuanmeiyouxiangongsizhizuo.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b6100095d2ad074411d2aa0c3d38fb6bcbefd28f2ea89c38f8f696a028bfe46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:57 GMT
cf-cache-status: HIT
last-modified: Thu, 01 Dec 2022 07:58:47 GMT
server: cloudflare
age: 14116
etag: "8F863780C5B09EF9FB0C915F73DC26F4"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 7df792d77c119b2b-FRA
content-length: 79561
expires: Sat, 01 Jul 2023 04:51:14 GMT

GET
H2 200 overlorddisiji-yitengshangwang.jpg
static-a.xgcartoon.com/cover/ 11 KB
12 KB 637ms
605ms Image
image/jpeg 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/overlorddisiji-yitengshangwang.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ded5ad320ec2ed9002a9340bcfe57cb7ad5f730f4d55ccdde5f57e52d06f5e6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:57 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 25 Aug 2022 05:50:02 GMT
server: cloudflare
etag: "13E9E8D060DF1A9F06512FD1CD849F7A"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 7df792d77c129b2b-FRA
content-length: 11728
expires: Sat, 01 Jul 2023 17:29:01 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012306202201000/v0/ 8 KB
3 KB 44ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f688b8dfc364b75c1f758c634c63dd4b757b621e31c8cf5337712450c18a07c4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Jun 2023 16:19:08 GMT
age: 171169
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2964
x-xss-protection: 0
server: sffe
etag: "1f9da89531538a7c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Jun 2024 16:19:08 GMT

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012306202201000/v0/ 239 KB
63 KB 28ms
16ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bcff3d783e8cbfa9bc7894327aa463ff77cd83561618a0bc497447609c85edb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Jun 2023 16:19:17 GMT
age: 171160
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64548
x-xss-protection: 0
server: sffe
etag: "698df789630f57f4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Jun 2024 16:19:17 GMT

GET
DATA 200
OK truncated
/ 595 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34bb1c7ca084facdfd4822c3dd2d0f3f483ad2d071c52d30e54af52ae62deb02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 953 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 792 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 154 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012306202201000/v0/ 12 KB
4 KB 27ms
23ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a7164362bbe2722e1734674631cdf2b08acf542e8c6bbf2d2938454a1793350

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Jun 2023 16:19:08 GMT
age: 171169
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3944
x-xss-protection: 0
server: sffe
etag: "7a2486b343b544d2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Jun 2024 16:19:08 GMT

GET
H2 200 integrator.json Show response
adservice.google.com/adsid/ 86 B
484 B 58ms
23ms Fetch
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.json?domain=www.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
14 KB 439ms
405ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2306202201000&d_imp=1&c=860002475&ga_cid=amp-n86Is_kZ0zJTsbPQUeHtuw&ga_hid=2475&dt=1688140317402&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo&bdt=277&dtd=64&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d0e0148a7c7c227829016069644d6b707d102fed7c7358113f48290263fd609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:57 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13789
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CJSF1d-s6_8CFVn_EQgdt6QKvg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 30 Jun 2023 15:51:57 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 66 KB
23 KB 1244ms
1211ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=801&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2306202201000&d_imp=1&c=860002475&ga_cid=amp-n86Is_kZ0zJTsbPQUeHtuw&ga_hid=2475&dt=1688140317402&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo&bdt=277&dtd=65&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d48de830c3d4c371257d6ea6096f9dba46ead4569f94e2b101aa37e0eae5737

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: true
x-creativesize: 160x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23239
x-xss-protection: 0
google-lineitem-id: 6137558351
x-qqid: CJeU1N-s6_8CFUbAEQgdDXUAUA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138372930229
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 1103ms
1071ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2306202201000&d_imp=1&c=860002475&ga_cid=amp-n86Is_kZ0zJTsbPQUeHtuw&ga_hid=2475&dt=1688140317402&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo&bdt=277&dtd=65&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b577905b7ac293ad6c4a7af59884a8991626c591785bec49cb78caab17c933d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: true
x-creativesize: 300x250
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12876
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CI_j09-s6_8CFXjAEQgdC3gDcA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663397
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 66 KB
23 KB 697ms
665ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2306202201000&d_imp=1&c=860002475&ga_cid=amp-n86Is_kZ0zJTsbPQUeHtuw&ga_hid=2475&dt=1688140317403&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo&bdt=278&dtd=65&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

088537e62b18679311e115b30c7cbef90090228c0c616ad3eed0a254dc487cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: true
x-creativesize: 300x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23251
x-xss-protection: 0
google-lineitem-id: 6137558288
x-qqid: CPz909-s6_8CFU8E4Aod938HVQ
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138389590198
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 65 KB
23 KB 902ms
870ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=1006&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2306202201000&d_imp=1&c=860002475&ga_cid=amp-n86Is_kZ0zJTsbPQUeHtuw&ga_hid=2475&dt=1688140317403&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo&bdt=278&dtd=65&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c49dcb117c4639410f57d60c680ef72018b6886c84985628ec6665fe2e7815e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: true
x-creativesize: 728x90
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23239
x-xss-protection: 0
google-lineitem-id: 6136661665
x-qqid: CIvo09-s6_8CFdQk4Aod9XUFhg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138370495019
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H2 200 container.html
972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 91ms
23ms Other
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012306202201000/v0/analytics-vendors/ 2 KB
812 B 14ms
14ms Fetch
application/json 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Jun 2023 16:18:59 GMT
age: 171179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 782
x-xss-protection: 0
server: sffe
etag: "faa9c0f37b801b56"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Jun 2024 16:18:59 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 52ms
21ms Fetch
application/json 2606:4700:e4::ac40:a01f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:a01f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only, master-only
age: 40508
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: same-origin, same-origin
last-modified: Fri, 30 Jun 2023 04:36:50 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.xgcartoon.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7UwoOeXFVKhZqp0z1kqPyW0bRqE2mRNH%2Fd%2FZpn3o8qk40LDuitTApexvVR4FkThmJ%2FnORbXMt6WEWwY9NC8yVE6j8sNwMf%2F9aFY1lr5Ll2NIPhz2KTfUuiwrzka6Z3m8DhcjpgWysQaHHgPZEGogQYL2HoTpnoXn8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 7df792ddae3735ee-FRA

POST
H2 204 collect
www.google-analytics.com/g/ 0
247 B 55ms
20ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=2475&cid=amp-n86Is_kZ0zJTsbPQUeHtuw&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo&dr=&dt=%F0%9F%8D%9A%E4%BF%AE%E7%9C%9F%E8%81%8A%E5%A4%A9%E7%BE%A3%20%E5%8B%95%E6%85%8B%E6%BC%AB%E7%95%AB%20%E7%AC%AC1%E5%AD%A3%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1688140318&sct=1&seg=1&_et=1000&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.xgcartoon.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xgcartoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A49E 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:58 GMT
expires: Sat, 29 Jun 2024 15:51:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1D60 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:58 GMT
expires: Sat, 29 Jun 2024 15:51:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 68EB 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:58 GMT
expires: Sat, 29 Jun 2024 15:51:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 3CDA 92 KB
30 KB 78ms
44ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZJ76HQAIQVQIEf9ZAAqkt5a1q0jiueAsF5jm7g&u=%7CKUE2TS9XEk1ZtJgnNb%2FYT%2FY6RB6QAvkTnh3RZupusb0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-WYBETCqLzgI7qAwBaN6Gwh4Cs6sW4q8wipphXa-vivu_Jr4cry5Nm41ngGDZJMN0rFDDDlTu8pTbMFNt12e4FI6V7zEGtBriapGeAawlpxRWxOL57nnrV7ZLYx6fHsPetlfgRvPCVfCA9wz0X0SUiBcE3uYNHZJNasF-BZxMbSEkQFDHv8czFOQdJIlOLGqxY3VTVIjiWQ2u0BJXg_FM-PGRbSRhfeDtcDwvCUG9nnqJdA7ifLjin3Xu3CDPro_GxsJb4rsCIEqNKfPcCY6_Rsga97tRbaCNJrcRSJxsuR0Iw8Rc61Vx4EHx6mwmwsxrhbmHT04b-upl77kIMoBk-N09fZYcrjSysj2ewiuA22MTWu3Rl2V-Ke5_tXFWcOaQstJRu_Z0DSmOKyGoo3JMU3kOKt0xz0RjWaoTPoRmAmo6Ot3RUG1XwpkF8QOQvSkxW4gs4ys8U_f1cb4BnOFbPZwdwPKjI1gpuBZiKT7rFRLRASPi4Q1pfJG7GJ6sS2K9Bak4ZIYNqw9zKTvIj9-fNNaTyDVCEX6aLPI5iYuchyIRTXPkmqVoJQeht8mhiqKiyYjljFy1e3hDpaHmu7S5T-E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTmmvHfqeZNSCIdn-x_APt8mq8AvJntKxXNWdkfdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgpl964YNbI-4AIAqAMByAMCqgS_Ak_Qn-x11M_BgQa71-S4scd4oDV4lwc_qBdYHIHwikNOF2ETXednbVLBv2IUJPx0UrIUWvccC1r70p9kSshgTfoxjQiMIsVZcUWlQGGkxZrZhx7FPU8ot_qcmsmbgKOG5oDnrbQBKiMutPmnU8VX5VgMR0Bv3SFWnhWfwGpPQM7EVveJzVPM-hbvo7FmyxhJjxbrIdHMLpvuHsEzHKLAAuO53ZSujB_VMgKdMAnnH6AaOG5AbEwqYQcYXyeSxXpDxkz8kWOSTpp5LJCdmzpn-TwCICciGlHhSMzCwJUAQ_jVEeFEYvV3bO5Z6JJotNbt39_KhzoHoQmBQLOy0oRMq2kmKBvakXThcc-kflukd0tQkpoE9FWHrR8u9lzEcvk0Inqf6L3Q5sOtbUZKLdjj5LpIiPoeSPh5QODwRnOtn2fgBAGABvLhtpPF06HNfqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_37Ys9QP69CU-WYz9wQS_0Zmzjifg%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: 972cac153261466e715372c64373158c.safeframe.googlesyndication.com
URL: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

73daafa8d9121fa648efcde2397d4ee08ef76f69813a7a6a32b0506f839903ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:58 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=8RJ9o762bGgRhL3vVJlOISuQM22Xn_JNYhA6OjarBur3cYNMLzTerbFjkd-AsmTvlKdkMdyVbjEZsZNjO6Ft6_9iqI7Uz_TpUqDBkNUtfVMCGMlSdcroBPZiNSl6kUWFfiFDIR6jwFEUJTgu8D9VDdsL1WZ0Zpq8M6bsvtIsbaSKFDFOlzTj3j_p07ut2ABuWBqSyiyt7TqQCKlta6Ws_jKyBF-E4lqZeuQFvGEBX0eIGBaGL1nYhTnON1g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 23002058
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame A49E 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: 972cac153261466e715372c64373158c.safeframe.googlesyndication.com
URL: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 14:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 14:46:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame A49E 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 972cac153261466e715372c64373158c.safeframe.googlesyndication.com
URL: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:27 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A49E 24 KB
6 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 972cac153261466e715372c64373158c.safeframe.googlesyndication.com
URL: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jun 2024 12:02:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A49E 179 KB
57 KB 86ms
29ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 972cac153261466e715372c64373158c.safeframe.googlesyndication.com
URL: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A49E 0
0 59ms
58ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CbEBXHfqeZNSCIdn-x_APt8mq8AvJntKxXNWdkfdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgpl964YNbI-4AIAqAMByAMCqgS8Ak_Qn-x11M_BgQa71-S4scd4oDV4lwc_qBdYHIHwikNOF2ETXednbVLBv2IUJPx0UrIUWvccC1r70p9kSshgTfoxjQiMIsVZcUWlQGGkxZrZhx7FPU8ot_qcmsmbgKOG5oDnrbQBKiMutPmnU8VX5VgMR0Bv3SFWnhWfwGpPQM7EVveJzVPM-hbvo7FmyxhJjxbrIdHMLpvuHsEzHKLAAuO53ZSujB_VMgKdMAnnH6AaOG5AbEwqYQcYXyeSxXpDxkz8kWOSTpp5LJCdmzpn-TwCICciGlHhSMzCwJUAQ_jVEeFEYvV3bO5Z6JJotNbt39_KhzoHoQmBQLOy0oRMq2kmKBvakXThcc-kflukd0tQkpoE9FWH7x0PZNtL7uqLvm48OIB2Hsq5Z_BAA8BhUHJ1LgihVtRhxUp0VczgBAGABvLhtpPF06HNfqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=oCEcU5iyvqg&uach_m=[UACH]&cid=CAQSGwBygQiD6eOzsjIj_0J_JQUQKXk0kAFDDWyfOBgB&vis=1
Requested by: Host: 972cac153261466e715372c64373158c.safeframe.googlesyndication.com
URL: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame A49E 0
126 B 58ms
16ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k4vFFcg12AVanYNiAgIAAAAdQv95Xy9817Xd6mGF8G-REBz6nmQ5KIzxj34sGp0-AAASAAAKCkFRVUJEd0VCRHc&wp=ZJ76HQAIQVQIEf9ZAAqkt5a1q0jiueAsF5jm7g

Requested by

Host: 972cac153261466e715372c64373158c.safeframe.googlesyndication.com
URL: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:57 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 127187
server: Kestrel
content-length: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1D60 75 KB
25 KB 116ms
115ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26924c904fb54855018ec88d1814f39da6f832a39a6f023ef34c37ad58102e4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25866
x-xss-protection: 0
server: cafe
etag: 848 / 19538 / m202306270101 / config-hash: 327100832698525116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D60 179 KB
56 KB 94ms
49ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 972cac153261466e715372c64373158c.safeframe.googlesyndication.com
URL: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1D60 0
434 B 52ms
52ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiasUkUBBOvaWUE5s_wNwani7EIqRBr0dJi9u10h0h5oXML3znWnV8-zWbyI2G3JmKKtqHxUr2MrTdqomEQQYcpWplAUWmC2Z8cKq0Y6ElV6xpubeTcrrHUprB6T614u5p7DF2Z9zjlnMbM_MjV72hvnGS6dauIV9CzgMxIzEiKhs-CdRP5A5POxdzPQ-xWf2MsNvZJtRJVc2tfVYLZQYmQaqLimoAx0KTbnig4tj_9d47-d9L-1Lub3zq8E9Bx5d5kERDG2RJ8mbn2pFAwBYkVqTkEA2s87A5bGicMO3C5i-HJdRCDwDNPVdnBIrbHYVZrtRePtOvxJlJHey5TX2osvfCeVov7wtcDVbufFcImR6Wmw&sai=AMfl-YSeyCJRqzQ7JQ3Kv5bt5YBljnlrfHOHOK2a8fXSoweRKZnI2t-eZyX28IQKBBexRne_XlJsmmFrSwtFKsE&sig=Cg0ArKJSzBaD263kQgZZEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 972cac153261466e715372c64373158c.safeframe.googlesyndication.com
URL: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 68EB 75 KB
25 KB 151ms
151ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05747cc165f35a75b4255321a8689b4b9a61b8ac03a04840fee486545a7ba863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25866
x-xss-protection: 0
server: cafe
etag: 620 / 19538 / m202306270101 / config-hash: 327100832698525116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 68EB 179 KB
56 KB 87ms
52ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 972cac153261466e715372c64373158c.safeframe.googlesyndication.com
URL: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 68EB 0
292 B 51ms
51ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNDRr8ALQDhBPu_TgHF-BxcMXF6HaWXUly3Q-8f9zpzlFYtRxL4fkRPorviKMNcP_UzC_vDiXbmiZW9d6nwc0cAsO8OwbHEoBL0p4GkqSXw-pKuFBHkct9xZxeT4hEOL1EpX0PIitD1s9Db41fKZwiornuoM7IV1Zh10pnJxzQet0AeSHkJJgHeygovWAwewKT0zywXjPd0aa_z8IpGNOOCBaLduHkoYw8uV3W-1U2TAK14ZNEwp8GqczckWrVmuwRs_Im-eh85RvNVnrONSLNA51tvJTCKkcUlwGJR_mDGMb-HJMj6BP_ohebG4vPxr6fdOm2-0Lmncjw295EGeBOexDO5FTJV2AA6v6wvL7n21CeGv0&sai=AMfl-YQhnmMs-NzivIUmz6s3gXriKn6quviqmNwVTkmrIbrZWw_FM_y78raS7YygNJmuyDL6y8doCgCMqfUn_jk&sig=Cg0ArKJSzNY8LuyweclOEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 972cac153261466e715372c64373158c.safeframe.googlesyndication.com
URL: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H3 200 container.html Show response
972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 747E 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:58 GMT
expires: Sat, 29 Jun 2024 15:51:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A49E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d1d3c2541088e2868f6d6e6742122d2824a8264e99cfc9f504b9c3211a9dc0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 747E 24 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 972cac153261466e715372c64373158c.safeframe.googlesyndication.com
URL: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jun 2024 12:02:51 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 747E 94 KB
33 KB 133ms
92ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 972cac153261466e715372c64373158c.safeframe.googlesyndication.com
URL: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd378854072db6b917611faefcfc33dfc6d0aaac41a7ff23acfc2e5b739100d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33473
x-xss-protection: 0
server: cafe
etag: 1516089709474500461
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 747E 179 KB
56 KB 74ms
68ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 972cac153261466e715372c64373158c.safeframe.googlesyndication.com
URL: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 747E 0
26 B 52ms
51ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6cPv7KAAx-wcdbXHv0y0zEK-i6Z3eR7zAcVTY5XogJ6syQ2bzYGjdhjmWKjNIbp8-H3skqkFfkdKKmksYhQaqjXJAhVlhtEc-i4WqZndYntUjoiUD5Yme4yajey9i7h9rP7sGJIU2Mkc-oCnza_pVqZ4OItcV2JG-I8QCgPMPPYRytTOQqxNzhvFegFVwIq89vyxFUaSL9X42IEH48uFPJ2b6gnHX_Z7PVmZiaG04-lLtrqaZagFx5mZnfrrL3bNUjQt9471W0y0nNY_M4pHw5L8hawtAHpvUw9J9WNEMXKHPFdz65Xo_jvNpB3_h2O2u56iN1Hwq_pCHT1nX3zQ5wROsIncUeVismXxNyY0&sai=AMfl-YQG227FNYkYWWx1KS7D0eEEZ610RuN6EG99AtjcNeUxLbcTtczBNzON4ZqMChBMuUodJqMITcV5YXu5Yzs&sig=Cg0ArKJSzNPhYFnzzbp_EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 972cac153261466e715372c64373158c.safeframe.googlesyndication.com
URL: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 3CDA 2 KB
1 KB 83ms
53ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZJ76HQAIQVQIEf9ZAAqkt5a1q0jiueAsF5jm7g&u=%7CKUE2TS9XEk1ZtJgnNb%2FYT%2FY6RB6QAvkTnh3RZupusb0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-WYBETCqLzgI7qAwBaN6Gwh4Cs6sW4q8wipphXa-vivu_Jr4cry5Nm41ngGDZJMN0rFDDDlTu8pTbMFNt12e4FI6V7zEGtBriapGeAawlpxRWxOL57nnrV7ZLYx6fHsPetlfgRvPCVfCA9wz0X0SUiBcE3uYNHZJNasF-BZxMbSEkQFDHv8czFOQdJIlOLGqxY3VTVIjiWQ2u0BJXg_FM-PGRbSRhfeDtcDwvCUG9nnqJdA7ifLjin3Xu3CDPro_GxsJb4rsCIEqNKfPcCY6_Rsga97tRbaCNJrcRSJxsuR0Iw8Rc61Vx4EHx6mwmwsxrhbmHT04b-upl77kIMoBk-N09fZYcrjSysj2ewiuA22MTWu3Rl2V-Ke5_tXFWcOaQstJRu_Z0DSmOKyGoo3JMU3kOKt0xz0RjWaoTPoRmAmo6Ot3RUG1XwpkF8QOQvSkxW4gs4ys8U_f1cb4BnOFbPZwdwPKjI1gpuBZiKT7rFRLRASPi4Q1pfJG7GJ6sS2K9Bak4ZIYNqw9zKTvIj9-fNNaTyDVCEX6aLPI5iYuchyIRTXPkmqVoJQeht8mhiqKiyYjljFy1e3hDpaHmu7S5T-E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTmmvHfqeZNSCIdn-x_APt8mq8AvJntKxXNWdkfdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgpl964YNbI-4AIAqAMByAMCqgS_Ak_Qn-x11M_BgQa71-S4scd4oDV4lwc_qBdYHIHwikNOF2ETXednbVLBv2IUJPx0UrIUWvccC1r70p9kSshgTfoxjQiMIsVZcUWlQGGkxZrZhx7FPU8ot_qcmsmbgKOG5oDnrbQBKiMutPmnU8VX5VgMR0Bv3SFWnhWfwGpPQM7EVveJzVPM-hbvo7FmyxhJjxbrIdHMLpvuHsEzHKLAAuO53ZSujB_VMgKdMAnnH6AaOG5AbEwqYQcYXyeSxXpDxkz8kWOSTpp5LJCdmzpn-TwCICciGlHhSMzCwJUAQ_jVEeFEYvV3bO5Z6JJotNbt39_KhzoHoQmBQLOy0oRMq2kmKBvakXThcc-kflukd0tQkpoE9FWHrR8u9lzEcvk0Inqf6L3Q5sOtbUZKLdjj5LpIiPoeSPh5QODwRnOtn2fgBAGABvLhtpPF06HNfqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_37Ys9QP69CU-WYz9wQS_0Zmzjifg%26client%3Dca-pub-5884294479391638%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Jun 2024 15:51:58 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3CDA 2 KB
1 KB 54ms
25ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Jun 2024 15:51:58 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 3CDA 308 B
636 B 81ms
53ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 24 Jun 2024 15:51:58 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 3CDA 293 B
621 B 81ms
53ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 24 Jun 2024 15:51:58 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 3CDA 43 B
348 B 80ms
18ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=SLr0Q2tDqyKI61w0WaAtHTDz38KBEd3leisixrs0nTpOs3ZLDxrbjS5bFmH2rtvmW6ZPtC6UPLviT5v0qok-CMGA8nH0OVPRF0pcPsNCHdtk_GUCyuYSy-HzIPv3O7wx7_gMmaEIYeF5xcqkPdK4mX9xSj6l4Xu0yULLhtDzl33bl_QaW-9FKsxj8PO_s9cCzfg7zqtq-DHKTlSgKYMSrkZv299YbRONQD5bKM2XQz4j0iquBBEkfPm0oRJQtOfBXugohO4k_yX8hGk0WkuNzP0zrH9kUvylOw1cea48RFY7Pls0_wbsvzT6O-ipyVlJCsWUCvBTiLxoAhHMm0wxfsuid0toc_Dly2qQT3YiJSjnykGJ5QCu2WYscd0cMpP_z5WwSfElKFnOdxHjDDCFKiJTJpJ1tdTw4FXPfy7ZSXC656PS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2305832
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 1bc46d6331364bd2a174e26b9fa100b4_f0c6863b9042c52ad2ce42e46197ad56.jpg
static.criteo.net/design/dt/14720/230303/ Frame 3CDA 392 KB
393 KB 54ms
26ms Image
image/jpeg 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/14720/230303/1bc46d6331364bd2a174e26b9fa100b4_f0c6863b9042c52ad2ce42e46197ad56.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0ffdd3bb57b9c5e6894bf74739c6025b3d98979ff6f3d79fe00e6e8fec48206b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 03 Mar 2023 12:19:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6401e5b7-61fea"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 401386
expires: Mon, 24 Jun 2024 15:51:58 GMT

GET
H2 200 097c28e49c8741dc977323ba4d7bd121_ae8b39ba77f95debdefc59a6e0c03033.png
static.criteo.net/design/dt/14720/230303/ Frame 3CDA 4 KB
5 KB 41ms
41ms Image
image/png 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/14720/230303/097c28e49c8741dc977323ba4d7bd121_ae8b39ba77f95debdefc59a6e0c03033.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d7c52806df5f3f291f070ae0d7cc076a6e2894bd6193a7f524319966853266fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 03 Mar 2023 12:19:04 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6401e5b8-1163"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 4451
expires: Mon, 24 Jun 2024 15:51:58 GMT

GET
H2 200 dd7cdc5ff8ff4096a06ebeb2d72aa704_e1121cd4cedb621b94cb5ee95504c7f3.png
static.criteo.net/design/dt/14720/230303/ Frame 3CDA 11 KB
12 KB 42ms
41ms Image
image/png 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/14720/230303/dd7cdc5ff8ff4096a06ebeb2d72aa704_e1121cd4cedb621b94cb5ee95504c7f3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

de025e75b63872ee1c88d57f989e71996396f96d4c2c35688ae59b17d66701ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 03 Mar 2023 12:19:09 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6401e5bd-2d4c"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 11596
expires: Mon, 24 Jun 2024 15:51:58 GMT

GET
H2 200 a9c27edce31b479a94567e2119fb5de5_85b3db8643809f9c2c68f5c1e84a75d2.png
static.criteo.net/design/dt/14720/230303/ Frame 3CDA 4 KB
4 KB 42ms
42ms Image
image/png 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/14720/230303/a9c27edce31b479a94567e2119fb5de5_85b3db8643809f9c2c68f5c1e84a75d2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3b41b305ff10cfe0c35ae64cb20eea34f4600d63b195d44a30fa920a2df6e45d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 03 Mar 2023 12:19:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6401e5b9-101f"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 4127
expires: Mon, 24 Jun 2024 15:51:58 GMT

GET
H2 200 zepto-studio-1.0.1.js Show response
static.criteo.net/zepto/ Frame 3CDA 28 KB
11 KB 82ms
54ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/zepto/zepto-studio-1.0.1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a558dc731872adb52490cf8550eb796d0d0b448df332e38f815228576dd0cd5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 21 Aug 2019 08:32:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5d5d018f-6f5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Jun 2024 15:51:58 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/ Frame 1D60 392 KB
125 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 14:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3398
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127740
x-xss-protection: 0
server: cafe
etag: 1744020965594933375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 29 Jun 2024 14:55:20 GMT

GET
DATA 200
OK truncated
/ Frame 68EB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13510480db4c6ad546880825720e70b85bc49e374aa5df36c0ce89f1ff4085bf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C998 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:58 GMT
expires: Sat, 29 Jun 2024 15:51:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/ Frame 747E 346 KB
119 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=972cac153261466e715372c64373158c.safeframe.googlesyndication.com&bust=31075623

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

279640665adc92d4244ed1cfbf8e8dc558eda38fc5bcf56cb9d8bad0c5c5de91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121735
x-xss-protection: 0
server: cafe
etag: 12685644302287297552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/ Frame 68EB 392 KB
125 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 14:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3398
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127740
x-xss-protection: 0
server: cafe
etag: 1744020965594933375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 29 Jun 2024 14:55:20 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 3CDA 0
128 B 50ms
17ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=8RJ9o762bGgRhL3vVJlOISuQM22Xn_JNYhA6OjarBur3cYNMLzTerbFjkd-AsmTvlKdkMdyVbjEZsZNjO6Ft6_9iqI7Uz_TpUqDBkNUtfVMCGMlSdcroBPZiNSl6kUWFfiFDIR6jwFEUJTgu8D9VDdsL1WZ0Zpq8M6bsvtIsbaSKFDFOlzTj3j_p07ut2ABuWBqSyiyt7TqQCKlta6Ws_jKyBF-E4lqZeuQFvGEBX0eIGBaGL1nYhTnON1g&sds=2&rev=87270&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 30 Jun 2023 15:51:58 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3CDA 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Jun 2024 15:51:58 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 3CDA 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Jun 2024 15:51:58 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3CDA 17 KB
17 KB 64ms
35ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=14720&q=80&r=0&u=https%3A%2F%2Fcdn.grube.de%2F2020%2F08%2F06%2F18-180-30_1_j20.jpg&v=3&w=800&s=u-SRrojM5JPYS3o8g6-grcEJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

397e7ba7adb045cd8a8020d328f3f0c8fc70d4455660cb433ed4c28cb99c545e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 17260
expires: Mon, 10 Jun 2024 07:18:29 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3CDA 130 KB
131 KB 70ms
41ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=14720&q=80&r=0&u=https%3A%2F%2Fcdn.grube.de%2F2021%2F02%2F05%2F80-519-02_1_j21.jpg&v=3&w=800&s=-0JFBnpgWOZswF3hugd-3_Cx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f1f13ca98c025052b2c204f7aeaa995931642ad995445b3f50d0f6dd0a79f43b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 133544
expires: Wed, 19 Jun 2024 19:42:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3CDA 15 KB
15 KB 70ms
41ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=14720&q=80&r=0&u=https%3A%2F%2Fcdn.grube.de%2F2014%2F06%2F25%2FB_95-907_1_j14.jpg&v=3&w=800&s=71QV3Gi5TeKN_mG0nBeMmv37

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c8e4764999d4821969bd177fb548f36d2ea217b29902bab37b08fb9277391d68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 15452
expires: Tue, 11 Jun 2024 07:58:26 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1D60 107 B
196 B 30ms
29ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=972cac153261466e715372c64373158c.safeframe.googlesyndication.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1D60 33 KB
14 KB 312ms
311ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2654449968433262&correlator=827646968913440&eid=31074948%2C31075485%2C31075764%2C31075339&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&tfcd=0&iu_parts=71161633%2CXGTON_xgcartoon%2Camp_mob_anime_vrec_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C120x600%7C160x600%7C300x100%7C300x250%7C300x600&fluid=height&ifi=1&adks=1561329272&sfv=1-0-40&prev_scp=in2w_key9001%3D1%26in2w_key%3D68%26in2w_key2%3Dnope%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3qgz%26in2w_key7%3D1580%26in2w_key8%3D68%26in2w_key9%3Doptimization_request%26in2w_key15%3Do0%26in2w_key16%3D1&eri=4&sc=1&cdm=972cac153261466e715372c64373158c.safeframe.googlesyndication.com&abxe=1&dt=1688140318854&dlt=1688140318559&idt=271&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=b3608aka72lz&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo&loc=https%3A%2F%2F972cac153261466e715372c64373158c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&top=www.xgcartoon.com&frm=24&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d990aded18187b4f3118e6307bf2a53c38cd2d4132359bc886d3fe323eaae05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14187
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3E78 6 KB
3 KB 53ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:58 GMT
expires: Sat, 29 Jun 2024 15:51:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C998 75 KB
25 KB 116ms
115ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7aa32f5c05a9924d2414c8371ad29234f86c5420c3a5c9077a0c5bf7d98204ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25866
x-xss-protection: 0
server: cafe
etag: 894 / 19538 / m202306270101 / config-hash: 327100832698525116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C998 179 KB
56 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 972cac153261466e715372c64373158c.safeframe.googlesyndication.com
URL: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C998 0
26 B 52ms
52ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstUgyWbr--kYjGQMNpNyGgmr2XJO-dQWYfEqgULEN6YT_1IFYr816ZphkzVTiJrzJCABqGAy-pdsehGT39aDYEWsmndFERO7b_LExYxnTaFlh8s0Gi6ubye2VAJKDa5IFIeIEVqtp7sk5TsD91H4RYhM3mk4BL0JaKH2ayVak6I9M5RFljgA9lBz9NexeISJNb0GpA6DNTx1HGJSGb_O0179jkYoYeZQVsk7qH_jTzVmjDOk3s4FcB0AH0l6E0zsCSApF2JaaFoWBr6R_WkzfvkHIoFzzHakUwbuQXG4VR-T2O_GG_Ko3Jswz8-YwTL0uXEpFB5-k9f8NgpB_r57IiqbstJHHRJ-0hevaOBLh6NP-P01w&sai=AMfl-YRLtEH4Pn2xF9CKm3pke5Mus6oDB7xeQXsXatNoxSvPih7L0w3piaP6x1YK2m3cMa_FhNqcMP5KB0On730&sig=Cg0ArKJSzJAvhHGziwpyEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 972cac153261466e715372c64373158c.safeframe.googlesyndication.com
URL: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 68EB 107 B
122 B 23ms
23ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=972cac153261466e715372c64373158c.safeframe.googlesyndication.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 68EB 36 KB
14 KB 307ms
307ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1973212705999604&correlator=3432060748644757&eid=31074947%2C31075759%2C31075761%2C31075029%2C31075338%2C31075340%2C31075695&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&tfcd=0&iu_parts=71161633%2CXGTON_xgcartoon%2Camp_desk_anime_hrec_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C468x60%7C728x90&fluid=height&ifi=1&adks=3160107641&sfv=1-0-40&prev_scp=in2w_key9001%3D1%26in2w_key%3D67%26in2w_key2%3Dnope%2Cbenchmark%26in2w_key3%3Dnop%26in2w_key4%3Dnop%26in2w_key5%3Dbenchmark%26in2w_key6%3D--3---%26in2w_key7%3D1580%26in2w_key8%3D67%26in2w_key9%3Dbenchmark_request%26in2w_key12%3Dbenchmark%26in2w_key15%3Db0%26in2w_key16%3D1&eri=4&sc=1&cdm=972cac153261466e715372c64373158c.safeframe.googlesyndication.com&abxe=1&dt=1688140318907&dlt=1688140318560&idt=339&adxs=0&adys=0&biw=728&bih=180&isw=728&scr_x=0&scr_y=0&ucis=7hpipfnj4qgm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo&loc=https%3A%2F%2F972cac153261466e715372c64373158c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&top=www.xgcartoon.com&frm=24&vis=1&psz=0x0&msz=728x0&fws=256&ohw=0&ea=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482bda7cdeec898b23f69957b36f855e0d553060f536a88c17b72fa1d9b7452

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14729
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DBA6 6 KB
3 KB 50ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:58 GMT
expires: Sat, 29 Jun 2024 15:51:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1D60 0
0 78ms
51ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnxFApY7sA7iRvq7rNTvWur-i6uO3LSblNieK808fVZZHsJbcKn_SUgB50qTxE0PMcBWfJ5EYRvAB-8aub4CSf2B6G7klc5sGuM-o5Oh3cxKZ3LL71BV4eFh2CbRGj0xkMp3FgqDnLKnK9RfBhurp1k1oXOxLQAEPqAvFcrIfNX9yJ3s9z2IWp6GyQuVzN2aeaNApNImpuV1Kxu2fPNHE-MDkCbUGUjyzPYXBwVlI7bwvZVoTpSCsbFwYZzgZ-V0Ugg9I2jBIo_F_ylR4FYj-GcBDztTL90hC4AAjBz0PWs9-x0-0hbN736dCTq2C0Hfyr4jbjT0MJdVLbcArVaHnomHOmhfXxtbnwTb1Nj9edMA1dq5uB&sai=AMfl-YTuDVPb2Dhd5Hx5P0otHIhFHVPu7NT_bcLoSQ8uv_RFCx4p2qyKVfVaa8knl7EJG1sWac0J7lZ61xVFQuI&sig=Cg0ArKJSzCoo0yfYkj7eEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 15:51:59 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1D60 15 KB
11 KB 92ms
63ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306270101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d86682a329160bf87a55eadb98831b539f5e4f2f05cc9cb6163f30c6af8927f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11270
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C998 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f27ab20130e464959392f7f4f5766accefb7a5953e5ddc488fcb92077c118454

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 68EB 0
0 53ms
50ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucdgRVlAYROkVsFhihEXr8NJK4LRkjnNKwVAaxC_tAPGAVj5wpFLCDZA3rQHs72v1EJLqIhE72VZhJyROdmOunmN6-hbNRdElRNSv2f9_OBrJQhdHGTinDgrtjj_70ZcZbMs_EXiH1UcKDFL0Iut1tWQh76IOC7ar-T4ZOHvWHG7M1QVStzRjp8_bE2qKQwg6NCn23bs-XdZUe2nceUhjAq39pwZrpahlT1bGoaJ483aPZVWmLd2m3kP9fkk-DHDiCrmbA5uC-2Jioe_JJxCBfxfh0TyjQjEUY_tBam8nIIfmeORKZNUsN38oz1uVtsSsvhTzv3GIhRvlkHGL6HRns1SCg-tyX3AsH-IS-aWq121WSamxJdg&sai=AMfl-YQymbfRaDljhOYmWD6BQcg990nby9YY663mMDLkugNC3tyIHMy4TVVDCsv8AcsMGemgZpZPMvZR_EizwQM&sig=Cg0ArKJSzN7roY_CBw_YEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 15:51:59 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 68EB 14 KB
11 KB 67ms
63ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306270101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0c88f00a88cf5cd2687dbe95eb01fcde1f96b01a5769e40061057ba50a8faaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11158
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 747E 107 B
122 B 22ms
21ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=972cac153261466e715372c64373158c.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=972cac153261466e715372c64373158c.safeframe.googlesyndication.com&bust=31075623

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 47F8 33 KB
15 KB 305ms
248ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=354510378&adf=816031632&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688140318784&bpp=10&bdt=181&idt=192&shv=r20230627&mjsv=m202306220101&ptt=5&saldr=sa&is_amp=1&correlator=2475&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1574007881&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31075623%2C31075643%2C42531706%2C44788441&oid=2&pvsid=402142884144516&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mluxl5tghi2l&fsb=1&dtd=204

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e77e436f290ee26b6c9b80153d0cc86b88211ba39bf392b5af95c865fe493fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 14552
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:59 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/ Frame C998 392 KB
125 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 14:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3399
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127740
x-xss-protection: 0
server: cafe
etag: 1744020965594933375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 29 Jun 2024 14:55:20 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 68EB 17 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 15:51:59 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1D60 17 KB
6 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 15:51:59 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame C998 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=972cac153261466e715372c64373158c.safeframe.googlesyndication.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C998 33 KB
13 KB 264ms
263ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1260289334728956&correlator=280203059292694&eid=31075759%2C31075149%2C31075695&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&tfcd=0&iu_parts=71161633%2CXGTON_xgcartoon%2Camp_desk_anime_vrec_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C120x600%7C160x600&fluid=height&ifi=1&adks=679277576&sfv=1-0-40&prev_scp=in2w_key9001%3D1%26in2w_key%3D3%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx1580%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3qgz%26in2w_key7%3D1580%26in2w_key8%3D3%26in2w_key9%3Doptimization_request%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D1&eri=4&sc=1&cdm=972cac153261466e715372c64373158c.safeframe.googlesyndication.com&abxe=1&dt=1688140319054&dlt=1688140318823&idt=223&adxs=0&adys=0&biw=160&bih=1200&isw=160&scr_x=0&scr_y=0&ucis=an1p76iwal8g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo&loc=https%3A%2F%2F972cac153261466e715372c64373158c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&top=www.xgcartoon.com&frm=24&vis=1&psz=0x0&msz=160x0&fws=256&ohw=0&ea=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fab0be2687e620d081fd4eefc04be4ffe7e643b17736093205b45f33fae0887c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13758
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0B7C 6 KB
3 KB 55ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:59 GMT
expires: Sat, 29 Jun 2024 15:51:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3D76 13 KB
5 KB 13ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3705
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 14:50:14 GMT
expires: Sat, 29 Jun 2024 14:50:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 82FE 783 B
743 B 323ms
283ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b040b6739557f595634b6694181ec841b0be012baf54d9704ef63f7edb1b3c79

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A_tKUVN6T2YNaN0uUyZCqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-A_tKUVN6T2YNaN0uUyZCqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:59 GMT
expires: Fri, 30 Jun 2023 15:51:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A037 13 KB
5 KB 13ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3705
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 14:50:14 GMT
expires: Sat, 29 Jun 2024 14:50:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 81E9 783 B
1 KB 58ms
24ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

73118c2fa9518d27eea54c1cee7a3990565ea2fe1d6f99dc84aef32dbdf83a61

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ACCYCRHC7BtLrSFhLsG8uQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ACCYCRHC7BtLrSFhLsG8uQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:59 GMT
expires: Fri, 30 Jun 2023 15:51:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D76 37 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 14:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 14:55:26 GMT

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame A037 37 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 14:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 14:55:26 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C998 0
0 53ms
53ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCHw8Cmb6Je9VxYu_VVBd38U3iMFQ3t-eZYfEdnG7ATisVA54ieztXf45GFot8P7EJ4yzlX_DuE1tXMv_-2S-cshM1S7RwgwqaheKSPdiUU8em997Kz-ywF4shCoE1_n40MhqBcNzvt8Z0e1HEyVruXrZ3TIHnIX5E9Pv9JNagpVHiISTmmvVsz8BnjnJizleuDm3f7MevuqBOCHFKFDHATdoLVZqnYM-NIK8KeLUMpounNh74Movp4fJFAOLaVRrpMC2OLjzvjwdEQ-wBeYMsLZwVM31LhZqy59BnKYPUlHGMJLDRWIte29W1f75v7cynSVcLWR9kZyIDEvJmC1rIulDuplxp9SbCwZjsq1Gc902E5AXTLQ&sai=AMfl-YTYtTE27e7t64CnxgT6kR0th0n1QQj2Gb2uBWCYb4xdw_uaeSei9PHT0rIQxgKVfWf_vx-pFmTNs9-mw3Q&sig=Cg0ArKJSzF36s6TVElq2EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 15:51:59 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C998 15 KB
11 KB 120ms
119ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306270101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c18e2315c56d49d5a3c5caffad32c5f250aa098098b8a1513038712a4cb55ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11401
x-xss-protection: 0

GET
H3 200 container.html Show response
a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 075C 6 KB
3 KB 15ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:58 GMT
expires: Sat, 29 Jun 2024 15:51:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 81E9 0
0 47ms
47ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306270101&jk=2654449968433262&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 container.html Show response
fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8F1E 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:58 GMT
expires: Sat, 29 Jun 2024 15:51:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 075C 0
0 65ms
64ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Co06GHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoEwgJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEoyoIDyVP08UuRG16eHgMsROeFbiA0JRe3rHs4JS7VV5VaCsL10_T4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=XJno6S5RvnU&uach_m=[UACH]&cid=CAQSKQBygQiDGop-x4h3_KdqiDaOzwjzRPJvgcn6ZZU9gu8OTOZtHMB6epOYGAE
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 075C 0
0 59ms
22ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gxe8nxp1s74ez49dxmp1fdqy3r44jfq5799za73h4kfy4me28rcq12em1h56mqtt1ya7spht2r34tjmy00gw6eeah901j6d4vhesce61hj34tyzxreah15b66s16n1a1jafz7h1z1e54343p8g5ghdfraqy7xm2mdr2ydwppb8xccxnyvzzpf4y6h0vxqz4a3m3kmg5e5j56kbba2yfm6hz5pvg12sn0ytghsqg4642y9ayh42agkj4edy4je5dkpgd7er1kqejf1bgqg15mrba9gy1e0a9vt4q18vj345dx5369kz1chzy1egk2mvptq0458wp1zana8a538ep3qjhmss6dp667ahe4ppch6xq97mstnc1gj6z0v1r8mxfg179fzy1bxs7mj0&b=ZJ76HgAOEhkH_ZJpAAC_vClRbZeZZ9BPZPItKg
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 30 Jun 2023 15:51:59 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 3561 2 KB
3 KB 59ms
32ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hkrnn6e0etd8pdf34retfawjv9xm9ecmav5vg94zsw1tqykt4kkbn9njyct8srdb01m1tpa8ewh9qa5sr0qnk1b47e6jtardk51w3ezcva1h0e3h2zgj39b9jvf7w75wm778ws053236ztpz9htdatvyj42qe8jhdcsccwq0zrza7zkc6vdyqqbt41p0kt3b7nrtwg563mmm8agfsc1tnnyeexh451q2vph8m2g9qgs017b6fny43npndxxt56n09vbqwgntyez13etfy5c8x4gk00yygy7xdzxt25qa4t878phaa17cdzspvkqeaw4nvn7fmwhfjtnfm5f0920znc7t9tmsv9pztvprnzcsyrqr44rg0f8pyjfv13cxganj7c52crnrz4qxmkd9r0g07h0z2ty2fvpyyywcdrg0yhpygw5z7v0fx48pyydgvcmdcwr88j1gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com
URL: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12811a2a980b791aec6a246962f29bbbd58cf09c69bca3ab6c7ed6f6d96c79cf

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7df792e388f79ba0-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:59 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 075C 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com
URL: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 14:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 14:46:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C082 1 KB
643 B 15ms
14ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com
URL: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 07:36:12 GMT
etag: 48472445140208031
expires: Sat, 01 Jul 2023 07:36:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 075C 20 KB
8 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com
URL: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 075C 0
0 23ms
21ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRE3nZ9gG9_L8rPvIV1F6tvXnn7l4PtLio1B7FquX_MbR69M248HGbuuhysfsfwGKP1t9ZZGaId2J-Kuy5jrVqzh9gKYA
Requested by: Host: a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com
URL: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 075C 24 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com
URL: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186548
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jun 2024 12:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 075C 179 KB
56 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com
URL: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:51:59 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C998 17 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 15:51:59 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3D76 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OOJWyA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8F1E 0
0 63ms
62ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ClKp_HvqeZIydOtbE7gOg7aLgBbqItI9cnNfu7qkIwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQngAgCoAwHIAwKqBKwCT9BbpbvXeDx9xwWs5gmj_8thXXWa4OYdlwreA0klzyHR1P8-4pr8GIa9GDIbZY9zm2wOVj4-rJ8Klnb_HgDJG4Gq-GLOK5uuHs6lzCIi7wq3GbhQMBUte1sgfSpvZrYd4F68zb9Zi7LihYbjZxIZ5w9IQRwTGcLoRskvcTla3q9Bpn1pngnkKEfhivJKWH2YRVbvfEDvny5TMv7OIvz87NVn29voXW6-hG5D3QdVM8gEQGDiWt_-9BGZXE1pqouhVyFlsnzK78ywChbrP8At6XpBHJLo8oZQ5UgRXj88mo0R0PVJVJvzkLMN5hRIxunetfRoZarB5HqCFWv_HqB8UrnP5Dh8qTMUUEg6OdCbFn4PPdfhhV-M_qJ-KBs2ghoPix26W1vnQniXWRGp4AQBgAa2ufLw3vTjxIsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=aZ4oSBQHUfE&uach_m=[UACH]&cid=CAQSKQBygQiD-4iFgcGG_DG9Ya3_ToAbQGyH8QwG0YAar36VGXLu8WzuA47PGAE
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200 a.gif Show response
i.w55c.net/ Frame 8F1E 42 B
582 B 66ms
8ms Fetch
image/gif 54.93.94.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=RkEyMzA3M0E1N0UwREY3NjcyNDU0RTE0QjY4QUI5Njd8R0ZWeXFKcG1zZ3wxNjg4MTQwMzE5MDQ0fDF8WG1FS1o4a2t0eHxYUks4TjRSd2FpfC0xMjg2NzMzMDU0X0VYfDU0NDU3fHx8fC4wUHxVU0Q&ei=GOOGLE&wp_exchange=ZJ76HgAOjowKe6JWAAi2oHVlEqPBG2WdEONmqw&ac=WFMwUE56aXZTMTpYU1pHTkNKTWpzfDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCMSMwLjQxNTQxMTE3fElBQjE5IzAuMjAxNDgyMjR8SUFCMTktMTcjMC4yMDE0ODIyNHxJQUI5LTI4IzAuMjAxNDgyMjR8SUFCMS01IzAuMjAxNDgyMjR8SUFCOSMwLjIwMTQ4MjI0&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=xgcartoon.com&s=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo&ts=1688140319048&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-BY&rnd=2513898648822853&epid=R0wxMDA5Ng&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1udVZVV21Ndg&l=emh8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=1&euid=Q0FFU0VCZGJvUWZvMGtQQlcwWG14TktwaDJV&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=n-eAhxpUoo1F-bp6kwUulQ&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEBdboQfo0kPBW0XmxNKph2U&spidu=GOOGLE&pidu=10096&hmpvu=57097a36-1fa4-4faa-b82b-b80a83b8bfca&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRK8N4Rwai&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.94.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-94-222.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-036c9e308bb7e39b5@eu-central-1b@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:51:59 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-036c9e308bb7e39b5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame 8F1E 5 KB
2 KB 74ms
8ms Script
application/javascript 2600:9000:2251:e800:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxMDA5Ng&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo&ciu=XRK8N4Rwai&btid=RkEyMzA3M0E1N0UwREY3NjcyNDU0RTE0QjY4QUI5Njd8R0ZWeXFKcG1zZ3wxNjg4MTQwMzE5MDQ0fDF8WG1FS1o4a2t0eHxYUks4TjRSd2FpfC0xMjg2NzMzMDU0X0VYfDU0NDU3fHx8fC4wUHxVU0Q&c=DE&dt=2dt0005&sd=xgcartoon.com&cip=1&hmt=1&uidu=CAESEBdboQfo0kPBW0XmxNKph2U&spidu=GOOGLE&pidu=10096&hmpvu=57097a36-1fa4-4faa-b82b-b80a83b8bfca&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRK8N4Rwai&

Requested by

Host: fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
URL: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:e800:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding: br
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
date: Wed, 28 Jun 2023 05:53:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 208717
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"a6c8a5bdec77729759b220b95bf503f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: CV4Le7eLVIsPa6bMsZR_sPd4VEENMJqhrbbKI7rzba4Es5BXPOqP4Q==

GET
H2 200 XassetJtVGFj2g.png
ads.w55c.net/t/d/ Frame 8F1E 29 KB
30 KB 97ms
22ms Image
image/png 2600:9000:2611:cc00:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.w55c.net/t/d/XassetJtVGFj2g.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=RkEyMzA3M0E1N0UwREY3NjcyNDU0RTE0QjY4QUI5Njd8R0ZWeXFKcG1zZ3wxNjg4MTQwMzE5MDQ0fDF8WG1FS1o4a2t0eHxYUks4TjRSd2FpfC0xMjg2NzMzMDU0X0VYfDU0NDU3fHx8fC4wUHxVU0Q&ei=GOOGLE&ac=WFMwUE56aXZTMTpYU1pHTkNKTWpzfDB8MHxFVVI7&js=0&ob=0&ccw=SUFCMSMwLjQxNTQxMTE3fElBQjE5IzAuMjAxNDgyMjR8SUFCMTktMTcjMC4yMDE0ODIyNHxJQUI5LTI4IzAuMjAxNDgyMjR8SUFCMS01IzAuMjAxNDgyMjR8SUFCOSMwLjIwMTQ4MjI0&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fxiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo&ts=1688140319048&c=DE&r=G-BY&epid=R0wxMDA5Ng&mi=d2Vi&wp_exchange=NWP
Requested by: Host: fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
URL: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2611:cc00:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c5275956fa1bf68a0418dddb092a5881af6b6be10f6dca54dfacda6ba41992a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 8SPBXJhT_RiSNmerbyVsLrwEkkTx88nO
date: Fri, 30 Jun 2023 05:49:11 GMT
via: 1.1 c7fb0ef8cc8bb7055eaaaf9c7fa117ce.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P2
age: 36280
x-amz-server-side-encryption: AES256
x-amz-meta-width: 728
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 29942
x-amz-meta-height: 90
content-length: 29942
last-modified: Thu, 15 Jun 2023 15:29:43 GMT
server: AmazonS3
etag: "1ff110a85bc3d8deeb9bac4954656b3b"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: IOlTCaP7-qesAIn9fHa4VXKq2z1m2mPpj1PzmyUmFjlyplsKGCUbOQ==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame 8F1E 95 B
916 B 184ms
37ms Image
image/png 154.58.197.185
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=2513898648822853
Requested by: Host: fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
URL: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 , Indonesia, ASN174 (COGENT-174, US),
Reverse DNS: staticip-hv4m185.hispavista.com
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:51:58 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Mon, 27 Jun 2033 15:51:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 8F1E 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
URL: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 14:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 14:46:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 8F1E 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
URL: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8F1E 0
0 32ms
31ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTRSuqqvtZzbQxsTAgfIsANm9a4Mmmnf35Zf9C-S4JAkQxCAd3IXfGonP2OsAHn1dLXUIcud56iUu9gf0AITgGi43o0EQ
Requested by: Host: fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
URL: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8F1E 24 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
URL: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186548
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jun 2024 12:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F1E 179 KB
56 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
URL: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:51:59 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A037 0
10 B 14ms
14ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?LjeYoA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 47F8 3 KB
2 KB 71ms
32ms Script
application/x-javascript 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzI0LyAvTm1VMU1qUTVZak10TUdReE55MWlOMkpsTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1OTM1NjA1ODkzMTIxNTE2MTkvNjYyMjMyNi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1eEMxQzlMM1lvamRlNkFVQXR6bnk5dy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTkzNTYwNTg5MzEyMTUxNjE5L3pyaC8wLzMxNy83NC85OTkvMTYyLzJhMDA6Yzk4OjIwNTA6Oi8wLjAwMC8xNjg4MTQwMzE5LzE2ODgxNTI5MTkvNC9wdWItNTg4NDI5NDQ3OTM5MTYzOC8xLw/1Te9VNlw7iPHYxhojsA1NSFwAWY&nodeid=4826&group=zrh&auctionid=7593560589312151619&pbs_auctionid=7593560589312151619&shardkey=7593560589312151619&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.164&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7pK1H_qeZMOqBOLExgOcy4SgCc-HjptcwIbZgsYCwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmoAwHIAwKqBNABT9BnaZBLazafM6hdtvC5pwud1Locfec65DXJhgZdmfSoRZz6IWu_hyRlI9ni1mDTf4UkbhCLRfPQFy2JLliX_RuQX4VpkcL_LkvCJgJpRdZ0lrGX852MfgtPFbqm330XIURm1r1aixBfXG_8rgrK76YLX_H48I2pn7dbGL952N38JKrkpe_5QXhRwVwH1AL7TSJFqwBidhJPO5sJ9ZPEWmGxwL7oh_JrY363zfx3Mi2hCC9bYT9Ny2s8XeP8VVbbI9azemkYGEble8zXnB19gYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0nDntIe3vjB7soKu5djBoccfqFcA%26client%3Dca-pub-5884294479391638%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=354510378&adf=816031632&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688140318784&bpp=10&bdt=181&idt=192&shv=r20230627&mjsv=m202306220101&ptt=5&saldr=sa&is_amp=1&correlator=2475&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1574007881&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31075623%2C31075643%2C42531706%2C44788441&oid=2&pvsid=402142884144516&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mluxl5tghi2l&fsb=1&dtd=204
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.393.0 /
Resource Hash: d881845c86ba13d00e7803400670c9d4bfaf30eac1f43f6273a7fc49db10f1e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:51:59 GMT
x-mm-nodeid: 4826
Content-Encoding: gzip
x-mm-bid-request-time: 1688140319
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Fri, 30 Jun 2023 15:51:59 GMT
Server: MMBD/3.393.0
x-mm-latency: 16 (0)
x-mm-notify-action-done: LD5wfw
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: cdg-router-x104, zrh-bidder-x1
x-mm-lag: 0
Expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 47F8 3 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=354510378&adf=816031632&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688140318784&bpp=10&bdt=181&idt=192&shv=r20230627&mjsv=m202306220101&ptt=5&saldr=sa&is_amp=1&correlator=2475&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1574007881&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31075623%2C31075643%2C42531706%2C44788441&oid=2&pvsid=402142884144516&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mluxl5tghi2l&fsb=1&dtd=204

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 14:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 14:46:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 47F8 20 KB
8 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 47F8 0
0 22ms
21ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR90M-PKqk-L82TN9CiayfdPQgogT-17dtJ64VgdoviGQRqBtlRFqByjjJGjAVtu_dPH_8Bxf4Tk5Dd3_VKiCWW1PfjPA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=354510378&adf=816031632&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688140318784&bpp=10&bdt=181&idt=192&shv=r20230627&mjsv=m202306220101&ptt=5&saldr=sa&is_amp=1&correlator=2475&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1574007881&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31075623%2C31075643%2C42531706%2C44788441&oid=2&pvsid=402142884144516&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mluxl5tghi2l&fsb=1&dtd=204
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 47F8 179 KB
56 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:51:59 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 3561 114 KB
14 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hkrnn6e0etd8pdf34retfawjv9xm9ecmav5vg94zsw1tqykt4kkbn9njyct8srdb01m1tpa8ewh9qa5sr0qnk1b47e6jtardk51w3ezcva1h0e3h2zgj39b9jvf7w75wm778ws053236ztpz9htdatvyj42qe8jhdcsccwq0zrza7zkc6vdyqqbt41p0kt3b7nrtwg563mmm8agfsc1tnnyeexh451q2vph8m2g9qgs017b6fny43npndxxt56n09vbqwgntyez13etfy5c8x4gk00yygy7xdzxt25qa4t878phaa17cdzspvkqeaw4nvn7fmwhfjtnfm5f0920znc7t9tmsv9pztvprnzcsyrqr44rg0f8pyjfv13cxganj7c52crnrz4qxmkd9r0g07h0z2ty2fvpyyywcdrg0yhpygw5z7v0fx48pyydgvcmdcwr88j1gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hkrnn6e0etd8pdf34retfawjv9xm9ecmav5vg94zsw1tqykt4kkbn9njyct8srdb01m1tpa8ewh9qa5sr0qnk1b47e6jtardk51w3ezcva1h0e3h2zgj39b9jvf7w75wm778ws053236ztpz9htdatvyj42qe8jhdcsccwq0zrza7zkc6vdyqqbt41p0kt3b7nrtwg563mmm8agfsc1tnnyeexh451q2vph8m2g9qgs017b6fny43npndxxt56n09vbqwgntyez13etfy5c8x4gk00yygy7xdzxt25qa4t878phaa17cdzspvkqeaw4nvn7fmwhfjtnfm5f0920znc7t9tmsv9pztvprnzcsyrqr44rg0f8pyjfv13cxganj7c52crnrz4qxmkd9r0g07h0z2ty2fvpyyywcdrg0yhpygw5z7v0fx48pyydgvcmdcwr88j1gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 189533
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3B7h09yo5XP0qN%2FHlx0OYddoWxguHZR9Des2KJpumNDJKulcgMCt37%2BBizRCaBApgwHIjKOi%2FbsJz%2FfoGdtNu5qaR16sebFlnfGYx%2FXKuwDeDgrwoVrhPv8ZiUL%2BriH3tLA0VcuL0nA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7df792e3e9609ba0-FRA
expires: Fri, 30 Jun 2023 16:51:59 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 3561 25 KB
10 KB 26ms
17ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hkrnn6e0etd8pdf34retfawjv9xm9ecmav5vg94zsw1tqykt4kkbn9njyct8srdb01m1tpa8ewh9qa5sr0qnk1b47e6jtardk51w3ezcva1h0e3h2zgj39b9jvf7w75wm778ws053236ztpz9htdatvyj42qe8jhdcsccwq0zrza7zkc6vdyqqbt41p0kt3b7nrtwg563mmm8agfsc1tnnyeexh451q2vph8m2g9qgs017b6fny43npndxxt56n09vbqwgntyez13etfy5c8x4gk00yygy7xdzxt25qa4t878phaa17cdzspvkqeaw4nvn7fmwhfjtnfm5f0920znc7t9tmsv9pztvprnzcsyrqr44rg0f8pyjfv13cxganj7c52crnrz4qxmkd9r0g07h0z2ty2fvpyyywcdrg0yhpygw5z7v0fx48pyydgvcmdcwr88j1gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 340100
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vI%2BfBwKDsg7j8ewQ326x9VeLcT%2BRok%2FdeLj%2BzOmAuxdy3HJFvNInkAdihKLqA%2Bf3kuzflJpslsHuBlQqyO5k0OYyDeEM9wSeXOipNiarNHEiAfBtplSfxZ4T4oBvxocu9%2BNVJo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7df792e3f96d9ba0-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 20 Jun 2023 13:46:18 GMT

GET
H3 200 container.html Show response
d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A170 6 KB
3 KB 15ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:59 GMT
expires: Sat, 29 Jun 2024 15:51:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C082
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOEwZ7tdXbtZVG6qTErxyZ4&google_cver=1&google_push=AaAOQGGeaU4THapvXzynC5i8BfUSBjA_B5ExY57jUGg1Rw9aNU46OUH_AExzhZA0VpGHsK9Pf-JGDEBbn_gLFQ5v...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGeaU4THapvXzynC5i8BfUSBjA_B5ExY57jUGg1Rw9aNU46OUH_AExzhZA0VpGHsK9Pf-JGDEBbn_gLFQ5vgWtOsry73A

170 B
232 B

27ms
26ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGeaU4THapvXzynC5i8BfUSBjA_B5ExY57jUGg1Rw9aNU46OUH_AExzhZA0VpGHsK9Pf-JGDEBbn_gLFQ5vgWtOsry73A

Requested by

Host: a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com
URL: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 30 Jun 2023 15:51:59 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x29 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGeaU4THapvXzynC5i8BfUSBjA_B5ExY57jUGg1Rw9aNU46OUH_AExzhZA0VpGHsK9Pf-JGDEBbn_gLFQ5vgWtOsry73A
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C082
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHkjiJf3bpN0QHkO3eds8cI&google_push=AaAOQGHv4AwbCw5EHy5FZUkcSyW8ciGWAi2Tx_df0w1whs8w-cAMuLCtCE...

170 B
188 B

24ms
24ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHkjiJf3bpN0QHkO3eds8cI&google_push=AaAOQGHv4AwbCw5EHy5FZUkcSyW8ciGWAi2Tx_df0w1whs8w-cAMuLCtCEx07_fLITtSgn1F53TnEyt9QRhOy1s17JlVrJgYRgI

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230024-FRA
pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1688140319.393451,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHkjiJf3bpN0QHkO3eds8cI&google_push=AaAOQGHv4AwbCw5EHy5FZUkcSyW8ciGWAi2Tx_df0w1whs8w-cAMuLCtCEx07_fLITtSgn1F53TnEyt9QRhOy1s17JlVrJgYRgI
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C082
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIQJTPBMjWf8p34FDbKgwhQ&google_cver=1&google_push=AaAOQGHeUCfvP15p2AYSp6Uaqt5rsJ9QOMWnmeyyzkqtRTEE2wdjpKbPWMxcEKMVxfWUwGemN1A...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpJUjVRWVAtMy1NRE83&google_push=AaAOQGHeUCfvP15p2AYSp6Uaqt5rsJ9QOMWnmeyyzkqtRTEE2wdjpKbPWMxcEKMVxfWUwGemN1AdD8YpVDz45hVr2L_Dp9rA7Xw

170 B
232 B

26ms
26ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpJUjVRWVAtMy1NRE83&google_push=AaAOQGHeUCfvP15p2AYSp6Uaqt5rsJ9QOMWnmeyyzkqtRTEE2wdjpKbPWMxcEKMVxfWUwGemN1AdD8YpVDz45hVr2L_Dp9rA7Xw

Requested by

Host: a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com
URL: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpJUjVRWVAtMy1NRE83&google_push=AaAOQGHeUCfvP15p2AYSp6Uaqt5rsJ9QOMWnmeyyzkqtRTEE2wdjpKbPWMxcEKMVxfWUwGemN1AdD8YpVDz45hVr2L_Dp9rA7Xw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C082
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEBo0-xaD2gGCP8SoKhofw4I&google_cver=1&google_push=AaAOQGGPFRMSZNd2gwDqvMLCmr6S_nw1JanW_2S8IhiyaubbEwjPIVMCiTR-6XiYBqdFBM8moXgRv1QPvTB_SsDXHqGD3p...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBo0-xaD2gGCP8SoKhofw4I&google_cver=1&google_push=AaAOQGGPFRMSZNd2gwDqvMLCmr6S_nw1JanW_2S8IhiyaubbEwjPIVMCiTR-6XiYBqdFBM8moXgRv1QPvTB_SsDX...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mF4eF1qLQ7KL0bipnEAqTQ&google_push=AaAOQGGPFRMSZNd2gwDqvMLCmr6S_nw1JanW_2S8IhiyaubbEwjPIVMCiTR-6XiYBqdFBM8moXgRv1QPvTB_SsD...

170 B
188 B

26ms
26ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mF4eF1qLQ7KL0bipnEAqTQ&google_push=AaAOQGGPFRMSZNd2gwDqvMLCmr6S_nw1JanW_2S8IhiyaubbEwjPIVMCiTR-6XiYBqdFBM8moXgRv1QPvTB_SsDXHqGD3pG0nQ

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mF4eF1qLQ7KL0bipnEAqTQ&google_push=AaAOQGGPFRMSZNd2gwDqvMLCmr6S_nw1JanW_2S8IhiyaubbEwjPIVMCiTR-6XiYBqdFBM8moXgRv1QPvTB_SsDXHqGD3pG0nQ
access-control-allow-origin: *
date: Fri, 30 Jun 2023 15:51:59 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C082
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDDQOF8J4MQEE_Bws2nM6LA&google_cver=1&google_push=AaAOQGEtpv3fUtGr5PDcuXNuF0KuG9IqjHqiKTh7nTvnp4Q5A1g7upgFsMsbpXPovuyDp1piLBOy8GfX4_53kg-ok6USEyO4_ME
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGEtpv3fUtGr5PDcuXNuF0KuG9IqjHqiKTh7nTvnp4Q5A1g7upgFsMsbpXPovuyDp1piLBOy8GfX4_53kg-ok6USEyO4_ME...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MTQxMTI3MTkxMTM5NjMyMDcxOA%3D%3D&google_push=AaAOQGEtpv3fUtGr5PDcuXNuF0KuG9IqjHqiKTh7nTvnp4Q5A1g7upgF...

170 B
329 B

27ms
25ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MTQxMTI3MTkxMTM5NjMyMDcxOA%3D%3D&google_push=AaAOQGEtpv3fUtGr5PDcuXNuF0KuG9IqjHqiKTh7nTvnp4Q5A1g7upgFsMsbpXPovuyDp1piLBOy8GfX4_53kg-ok6USEyO4_ME

Requested by

Host: a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com
URL: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MTQxMTI3MTkxMTM5NjMyMDcxOA%3D%3D&google_push=AaAOQGEtpv3fUtGr5PDcuXNuF0KuG9IqjHqiKTh7nTvnp4Q5A1g7upgFsMsbpXPovuyDp1piLBOy8GfX4_53kg-ok6USEyO4_ME
date: Fri, 30 Jun 2023 15:51:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

report
sync.teads.tv/um/ Frame C082
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOMZTSdyBDYE...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGEG6priY-r1zxD0GryV__SRsp4gXhr8VgFb8ys9Ga5y2Ml55W63h7CuOtgqXQFdAlUlGLdkq7FYyieKKSk-qUYxUdXiTe9k
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

33ms
31ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Fri, 30 Jun 2023 15:51:59 GMT
pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C082
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECsxN0cCk...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECs...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=501c070f-4ec7-4800-92c6-d23e8a9c9459&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

25ms
25ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=501c070f-4ec7-4800-92c6-d23e8a9c9459&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=501c070f-4ec7-4800-92c6-d23e8a9c9459&%%GOOGLE_PUSH_PAIR%%
date: Fri, 30 Jun 2023 15:51:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C082 0
130 B 77ms
24ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JHUhTJXno5hi72tInlhkykeqqr6hSaiGWV8dshwRbv-clxU4TmyRf2OAM4IfaXWnj4cSKyDX8

Requested by

Host: a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com
URL: https://a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 47F8 0
0 62ms
60ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClZNfH_qeZMOqBOLExgOcy4SgCc-HjptcwIbZgsYCwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmoAwHIAwKqBM0BT9BnaZBLazafM6hdtvC5pwud1Locfec65DXJhgZdmfSoRZz6IWu_hyRlI9ni1mDTf4UkbhCLRfPQFy2JLliX_RuQX4VpkcL_LkvCJgJpRdZ0lrGX852MfgtPFbqm330XIURm1r1aixBfXG_8rgrK76YLX_H48I2pn7dbGL952N38JKrkpe_5QXhRwVwH1AL7TSJFqwBidhJPO5sJ9ZPEWmGxwL7oh_IpYV8lYUDTNaAFQISDIZC91n824enSTbdm45YcgMgGNF5L4nDQEYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=2pxrK9zCwKI&uach_m=[UACH]&cid=CAQSKQBygQiD052Kys6SJ-du25OA5DOxUVimeOcQec7TGB2vvilg2YxUSrXCGAE&tpd=AGWhJmtbpI69XQTEb2rTQSiscgPQ28QTpVlSjEvvvnZ67ombZwO5IPLUZgu3FljXcRfgb4yOtXjx8jgHY13iijqrFaD-vYB2nkHd8I6xVSzWEuA4_ApsNQdCjU9qbCWkTp8pU_q8CCuv19mKnLU_4BGKMzx2By8U0ySVdCjCtluH23J5i68ozVNcPcrvtc4ywtlAsuTQF-79CtB77RB4_ojXygPAEvFCjVWFp6mccgW5QgP5S9e-51DWUnwthlfLVYQGWG9j-UMjW4rdsOdXDvhGVCjsnSf5ngVdCWxfDawU3SRS8aNL4bnCXdydsq_7CxhPksd_sIvjb-b5naWzoqoIMivB_NTIKsMjPCEgTaf6G7kSVOxebFPSJH3xlugM0dN5LXQDHzguywmogEqoYqLlu60eqkLoRSD5HK9Q3HQqBWKzs1sQWMSX2a-GvXMU2Wih53yO_gJYodzU7AlHbrxufXKIqFtDGzvknsoZrRDgv_cUk_co9ipFP8yg716eux_BY4FOqTW4AwH3Ntx1fR9Hzi-Hvp6FN61LUGzRQerOUpP20djAUV-ziNhAg7Nd71Dpd9-5uuwGmN4VWak24sbpGAFtibLO5YpKERzUDiRHU1Dq1b_HCg8OPVO9K54kryCBi83qhLb-53FlPBrKv_N_B0eaK5e7sHrABKf-5UB4QMQCwiK4Vwajir5VpP1YdmhJLA6TyBJu41T3Jpsy1fOXMBZUjWJc_stnny5TYvvsB549JNvzIx3bzEHhSUmaxYxCE44sOPWm24mECUlZ4G4UZDmOR_T_hWThukH4ABOZwg4k9KDYZUevJp8RwKGwGs_OtMwCso-r5FNo60daGCePa2lqNMwBFpDHKVnv1AAe3vhQ9KxdxDyqh5yPzMTVbK55phE8SBCaMkWQ0Dc8Z15qnLd7oKO70_bMW8_wil7U8y79vcgsOElzNL7qsVzlh8Pc2nDPMf2Qi7w5khfK6DqufYHkic4K0NdQ-MCcDxj_KdwYmBF_xpAfCIXkVbIDChHJ9fnriIJXQ2LdXm66GOrm9SekZuL5j4MeZabBzOzuMJpIvPL_pqLpb7lPLkwRLfhIWT61Vlek0oBDq39OIRYS7nfH1eXdPtoOu6xC1UxkpVRU4XCvJKTomcX5_w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=354510378&adf=816031632&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688140318784&bpp=10&bdt=181&idt=192&shv=r20230627&mjsv=m202306220101&ptt=5&saldr=sa&is_amp=1&correlator=2475&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1574007881&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31075623%2C31075643%2C42531706%2C44788441&oid=2&pvsid=402142884144516&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mluxl5tghi2l&fsb=1&dtd=204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 30 Jun 2023 15:51:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A512 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3705
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 14:50:14 GMT
expires: Sat, 29 Jun 2024 14:50:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ECF7 783 B
535 B 27ms
26ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5d1540abe66cfe03f7687c09cea607b10baf9365b66fbce0231857be40b72b8e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gOYX6Rl3A6nbvssnMqDFPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-gOYX6Rl3A6nbvssnMqDFPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:59 GMT
expires: Fri, 30 Jun 2023 15:51:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A170 0
0 58ms
58ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CcvVjH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEvQJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGee1G9KHzhHjtcl4PpEzRL9lrwG4pS2FZu2s1vDvotiaB945Jsnfa-AEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=nrvuUgBCuko&uach_m=[UACH]&cid=CAQSKQBygQiDtLlnczEuXOM9EVRpLR81SG2npXsE5szMpSHXXOfGn0qq1jImGAE
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame A170 0
0 21ms
20ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gfr9b5ykmsnzjmwg6hyxfjx4bamy8fjae1sgw3dyh6c17t5tpgcq08je9wz47d6x53rvjprzyae5yrzxabsjrz3v904c3d98p3bt9arp6e0zs7qtnz2srnn1w23ta8m2pszezw21gpw07sgamcj46n6p0a28pbfcvqwqa5eqx769cpe714dssec1crpqhf7cqw9hkcyjh59dhqtepwskdtqxdk0h5jnr3a74dh48emcbkrp18kqyhmzjemvmv9927nftess8cvfz1fdtnvekdhf2vghfh24a144rv182mhgybwa09z5y5n9v7hgxsxg2amnycz6rk913df4ssebdrkg0cacyn553gy3a0d1r1j2q0205rsf3z112en23722ebxvennqwg&b=ZJ76HwABelAIu-zyAAItHi1N68Q4Tpa4S6eHtw
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 30 Jun 2023 15:51:59 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 39BE 2 KB
3 KB 29ms
28ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jrdp73bm3mns93cqw4s4rfpbp6pd6xn0q898x0y7098js8d1zpxmw581asbgf53t26eqxpk3eskp350szyfmv0b0bsm7jpb4f4xsq0nya19zghfh71qr0kbbwcrtqmq6qbg0e6ce8y04gy8g5bxypxbacvrvrrff35y8r79js5avtfms2vtd3n3ms7ytmj9bh5xtdkstazt2zpjxwebg341xnvwwyxaskx7cm82161h67wtgps11gay8y45k0we0fvfk6tsz56kzpsyx2pj37bnckc3d1msfhgzdktdzxavvg66661eqkdnztb66j748t6hkcpe0gbm073s241vxmrwqx36nw7wb2fynjkdv20jmqwkrg1k0f1t9j6z8dhvny42md3a5v2cyk07a08erhq6hvsbppvhwbzxj9y1ywrwp86441mbp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com
URL: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0f5c4b801cee75a0e8c0cdc0eb7c819f377daa7c1f1ef63a426ff8e92a8b0bc

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7df792e46aa391d2-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:59 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame A170 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com
URL: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 14:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 14:46:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3781 1 KB
643 B 14ms
13ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com
URL: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 07:36:12 GMT
etag: 48472445140208031
expires: Sat, 01 Jul 2023 07:36:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame A170 20 KB
8 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com
URL: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A170 0
0 23ms
21ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGgW1dX5EOZDvEp0K1GrGcdH3bXMk-FKiMrppbl6U6tgSaPoBVidgQmR8xaoI9lLDIc-o1spxWK0ZzLUJlywv4u7UTsw
Requested by: Host: d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com
URL: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A170 24 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com
URL: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186548
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jun 2024 12:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A170 179 KB
56 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com
URL: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 15:51:59 GMT

GET
H/1.1 200
OK 01qrvgnrrbds Show response
hal9000.redintelligence.net/zone/ Frame 47F8 10 KB
3 KB 48ms
13ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=7593560589312151619&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DQpQhO_fOK61HpzSN8iDP9g%26exch_seat%3D20035004448%26mt_aid%3D7593560589312151619%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5a4e649e-fa1f-4b01-ac57-be78a9431de3%26mt_cid%3D5a4e649e-fa1f-4b01-ac57-be78a9431de3%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC7pK1H_qeZMOqBOLExgOcy4SgCc-HjptcwIbZgsYCwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmoAwHIAwKqBNABT9BnaZBLazafM6hdtvC5pwud1Locfec65DXJhgZdmfSoRZz6IWu_hyRlI9ni1mDTf4UkbhCLRfPQFy2JLliX_RuQX4VpkcL_LkvCJgJpRdZ0lrGX852MfgtPFbqm330XIURm1r1aixBfXG_8rgrK76YLX_H48I2pn7dbGL952N38JKrkpe_5QXhRwVwH1AL7TSJFqwBidhJPO5sJ9ZPEWmGxwL7oh_JrY363zfx3Mi2hCC9bYT9Ny2s8XeP8VVbbI9azemkYGEble8zXnB19gYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0nDntIe3vjB7soKu5djBoccfqFcA%2526client%253Dca-pub-5884294479391638%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/xiuzhenliaotianqun_dongtaimanhua_di1ji-shengqishidechuanshuo
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 52795debbe7d648aa1f1af1b3e7c173617fde99a86ea12a69d2a6f414d4a6e2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:51:59 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3373
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 47F8 49 B
329 B 57ms
30ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=7593560589312151619&node_id=4826&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzI0LyAvTm1VMU1qUTVZak10TUdReE55MWlOMkpsTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1OTM1NjA1ODkzMTIxNTE2MTkvNjYyMjMyNi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1eEMxQzlMM1lvamRlNkFVQXR6bnk5dy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTkzNTYwNTg5MzEyMTUxNjE5L3pyaC8wLzMxNy83NC85OTkvMTYyLzJhMDA6Yzk4OjIwNTA6Oi8wLjAwMC8xNjg4MTQwMzE5LzE2ODgxNTI5MTkvNC9wdWItNTg4NDI5NDQ3OTM5MTYzOC8xLw/1Te9VNlw7iPHYxhojsA1NSFwAWY&nodeid=4826&group=zrh&auctionid=7593560589312151619&pbs_auctionid=7593560589312151619&shardkey=7593560589312151619&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.164&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7pK1H_qeZMOqBOLExgOcy4SgCc-HjptcwIbZgsYCwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmoAwHIAwKqBNABT9BnaZBLazafM6hdtvC5pwud1Locfec65DXJhgZdmfSoRZz6IWu_hyRlI9ni1mDTf4UkbhCLRfPQFy2JLliX_RuQX4VpkcL_LkvCJgJpRdZ0lrGX852MfgtPFbqm330XIURm1r1aixBfXG_8rgrK76YLX_H48I2pn7dbGL952N38JKrkpe_5QXhRwVwH1AL7TSJFqwBidhJPO5sJ9ZPEWmGxwL7oh_JrY363zfx3Mi2hCC9bYT9Ny2s8XeP8VVbbI9azemkYGEble8zXnB19gYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0nDntIe3vjB7soKu5djBoccfqFcA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.393.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:51:59 GMT
Server: MMBD/3.393.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x104, zrh-bidder-x1
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.mediamathtag.com/2/619621/ Frame 47F8 7 KB
3 KB 189ms
32ms Script
text/javascript 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.xgcartoon.com&ui=6e5249b3-0d17-b7be-0000-000000000000&ap=&ti=7593560589312151619&pv=56059914-39ee-48c1-a5e5-9cb9ec177524&pp=pub-5884294479391638&sr=4&de=43000&si=464927259&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a00:c98:2050::&r2=&r3=

Requested by

Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzI0LyAvTm1VMU1qUTVZak10TUdReE55MWlOMkpsTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1OTM1NjA1ODkzMTIxNTE2MTkvNjYyMjMyNi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1eEMxQzlMM1lvamRlNkFVQXR6bnk5dy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTkzNTYwNTg5MzEyMTUxNjE5L3pyaC8wLzMxNy83NC85OTkvMTYyLzJhMDA6Yzk4OjIwNTA6Oi8wLjAwMC8xNjg4MTQwMzE5LzE2ODgxNTI5MTkvNC9wdWItNTg4NDI5NDQ3OTM5MTYzOC8xLw/1Te9VNlw7iPHYxhojsA1NSFwAWY&nodeid=4826&group=zrh&auctionid=7593560589312151619&pbs_auctionid=7593560589312151619&shardkey=7593560589312151619&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.164&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7pK1H_qeZMOqBOLExgOcy4SgCc-HjptcwIbZgsYCwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmoAwHIAwKqBNABT9BnaZBLazafM6hdtvC5pwud1Locfec65DXJhgZdmfSoRZz6IWu_hyRlI9ni1mDTf4UkbhCLRfPQFy2JLliX_RuQX4VpkcL_LkvCJgJpRdZ0lrGX852MfgtPFbqm330XIURm1r1aixBfXG_8rgrK76YLX_H48I2pn7dbGL952N38JKrkpe_5QXhRwVwH1AL7TSJFqwBidhJPO5sJ9ZPEWmGxwL7oh_JrY363zfx3Mi2hCC9bYT9Ny2s8XeP8VVbbI9azemkYGEble8zXnB19gYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0nDntIe3vjB7soKu5djBoccfqFcA%26client%3Dca-pub-5884294479391638%26adurl%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-209-222.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4725368d82df748cf3d5c994272e394b37321221e7ff112fbd5888df7c5e332a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:51:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 3010
Expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 47F8 43 B
418 B 53ms
19ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=7593560589312151619&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzI0LyAvTm1VMU1qUTVZak10TUdReE55MWlOMkpsTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1OTM1NjA1ODkzMTIxNTE2MTkvNjYyMjMyNi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1eEMxQzlMM1lvamRlNkFVQXR6bnk5dy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTkzNTYwNTg5MzEyMTUxNjE5L3pyaC8wLzMxNy83NC85OTkvMTYyLzJhMDA6Yzk4OjIwNTA6Oi8wLjAwMC8xNjg4MTQwMzE5LzE2ODgxNTI5MTkvNC9wdWItNTg4NDI5NDQ3OTM5MTYzOC8xLw/1Te9VNlw7iPHYxhojsA1NSFwAWY&nodeid=4826&group=zrh&auctionid=7593560589312151619&pbs_auctionid=7593560589312151619&shardkey=7593560589312151619&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.164&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7pK1H_qeZMOqBOLExgOcy4SgCc-HjptcwIbZgsYCwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmoAwHIAwKqBNABT9BnaZBLazafM6hdtvC5pwud1Locfec65DXJhgZdmfSoRZz6IWu_hyRlI9ni1mDTf4UkbhCLRfPQFy2JLliX_RuQX4VpkcL_LkvCJgJpRdZ0lrGX852MfgtPFbqm330XIURm1r1aixBfXG_8rgrK76YLX_H48I2pn7dbGL952N38JKrkpe_5QXhRwVwH1AL7TSJFqwBidhJPO5sJ9ZPEWmGxwL7oh_JrY363zfx3Mi2hCC9bYT9Ny2s8XeP8VVbbI9azemkYGEble8zXnB19gYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0nDntIe3vjB7soKu5djBoccfqFcA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master zrh zrh-pixel-x31 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:51:59 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x31 config_version:"1524"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 47F8 49 B
328 B 60ms
31ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=7593560589312151619&st=4562306&time=1688140319&nodeid=4826
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzI0LyAvTm1VMU1qUTVZak10TUdReE55MWlOMkpsTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1OTM1NjA1ODkzMTIxNTE2MTkvNjYyMjMyNi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1eEMxQzlMM1lvamRlNkFVQXR6bnk5dy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTkzNTYwNTg5MzEyMTUxNjE5L3pyaC8wLzMxNy83NC85OTkvMTYyLzJhMDA6Yzk4OjIwNTA6Oi8wLjAwMC8xNjg4MTQwMzE5LzE2ODgxNTI5MTkvNC9wdWItNTg4NDI5NDQ3OTM5MTYzOC8xLw/1Te9VNlw7iPHYxhojsA1NSFwAWY&nodeid=4826&group=zrh&auctionid=7593560589312151619&pbs_auctionid=7593560589312151619&shardkey=7593560589312151619&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.164&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7pK1H_qeZMOqBOLExgOcy4SgCc-HjptcwIbZgsYCwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmoAwHIAwKqBNABT9BnaZBLazafM6hdtvC5pwud1Locfec65DXJhgZdmfSoRZz6IWu_hyRlI9ni1mDTf4UkbhCLRfPQFy2JLliX_RuQX4VpkcL_LkvCJgJpRdZ0lrGX852MfgtPFbqm330XIURm1r1aixBfXG_8rgrK76YLX_H48I2pn7dbGL952N38JKrkpe_5QXhRwVwH1AL7TSJFqwBidhJPO5sJ9ZPEWmGxwL7oh_JrY363zfx3Mi2hCC9bYT9Ny2s8XeP8VVbbI9azemkYGEble8zXnB19gYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0nDntIe3vjB7soKu5djBoccfqFcA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.393.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:51:59 GMT
Server: MMBD/3.393.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x29, zrh-bidder-x1
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 30 Jun 2023 15:51:58 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8F85 1 KB
643 B 14ms
13ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
URL: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 07:36:12 GMT
etag: 48472445140208031
expires: Sat, 01 Jul 2023 07:36:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8F1E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34b3beff5a4bba1cab3997b3745355e0b710db414fc828558c14d44b951c704f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 39BE 114 KB
14 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jrdp73bm3mns93cqw4s4rfpbp6pd6xn0q898x0y7098js8d1zpxmw581asbgf53t26eqxpk3eskp350szyfmv0b0bsm7jpb4f4xsq0nya19zghfh71qr0kbbwcrtqmq6qbg0e6ce8y04gy8g5bxypxbacvrvrrff35y8r79js5avtfms2vtd3n3ms7ytmj9bh5xtdkstazt2zpjxwebg341xnvwwyxaskx7cm82161h67wtgps11gay8y45k0we0fvfk6tsz56kzpsyx2pj37bnckc3d1msfhgzdktdzxavvg66661eqkdnztb66j748t6hkcpe0gbm073s241vxmrwqx36nw7wb2fynjkdv20jmqwkrg1k0f1t9j6z8dhvny42md3a5v2cyk07a08erhq6hvsbppvhwbzxj9y1ywrwp86441mbp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jrdp73bm3mns93cqw4s4rfpbp6pd6xn0q898x0y7098js8d1zpxmw581asbgf53t26eqxpk3eskp350szyfmv0b0bsm7jpb4f4xsq0nya19zghfh71qr0kbbwcrtqmq6qbg0e6ce8y04gy8g5bxypxbacvrvrrff35y8r79js5avtfms2vtd3n3ms7ytmj9bh5xtdkstazt2zpjxwebg341xnvwwyxaskx7cm82161h67wtgps11gay8y45k0we0fvfk6tsz56kzpsyx2pj37bnckc3d1msfhgzdktdzxavvg66661eqkdnztb66j748t6hkcpe0gbm073s241vxmrwqx36nw7wb2fynjkdv20jmqwkrg1k0f1t9j6z8dhvny42md3a5v2cyk07a08erhq6hvsbppvhwbzxj9y1ywrwp86441mbp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 189533
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pIF9l1lYoT%2FNtwEBNd3v76XGRDmVjq%2Few9dh0hx7b7J9bZUPbvVuYlIYrwcsTNd9h8fgX8G%2B6LdiFE7Iu%2Fk9aP8TWDC%2FuE%2FNs8XnA2ZytmNp94zWSPWabNkfQXwOcpDf2ax7DZt9VA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7df792e4aae991d2-FRA
expires: Fri, 30 Jun 2023 16:51:59 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 39BE 25 KB
10 KB 26ms
25ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jrdp73bm3mns93cqw4s4rfpbp6pd6xn0q898x0y7098js8d1zpxmw581asbgf53t26eqxpk3eskp350szyfmv0b0bsm7jpb4f4xsq0nya19zghfh71qr0kbbwcrtqmq6qbg0e6ce8y04gy8g5bxypxbacvrvrrff35y8r79js5avtfms2vtd3n3ms7ytmj9bh5xtdkstazt2zpjxwebg341xnvwwyxaskx7cm82161h67wtgps11gay8y45k0we0fvfk6tsz56kzpsyx2pj37bnckc3d1msfhgzdktdzxavvg66661eqkdnztb66j748t6hkcpe0gbm073s241vxmrwqx36nw7wb2fynjkdv20jmqwkrg1k0f1t9j6z8dhvny42md3a5v2cyk07a08erhq6hvsbppvhwbzxj9y1ywrwp86441mbp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 74754
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47nlbDr%2FYmdn2sYDYdr5t9R606Dkn00cpZ%2BeTX7Xm0KkD9CdsxlUe0aN0pZVipp4LEMp6EfdYatOCJRRil%2B6dS2wthQECuWOqu1fxHcgOus4fVGi%2BtPmeh%2FnIgF99rahUkoAfe8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7df792e4aaeb91d2-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 27 Jun 2023 13:46:21 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 96F6 2 KB
1 KB 15ms
14ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 161656
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7df792e4cb0b91d2-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 30 Jun 2023 15:51:59 GMT
expires: Thu, 08 Jun 2023 00:41:56 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8QIqGMxIRiXVUeQfk2M3KhrT67O%2FzR6bLbPWW8CR10G50yu9aRR%2F54nLypERIOiM9yImoGX0jdK1ZdxxbKd8wMWkNkPznZ9LGMXKKFkEfaNBHMaM%2BNSm2j9ioVXse%2FjbiFIMc0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 82FE 0
0 47ms
47ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306270101&jk=1973212705999604&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3781
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPtbkbsYJDmKulPwgH0vToE&google_cver=1&google_push=AaAOQGFc7Be_Xqbir4AyieJ48KeNfRdB3PbE-iR55zaKr3lP1FG_EMTw0dqUPpulXL8-bdUSBV9k8gvQ-KCxZEXG9WHCKSVGG4ek
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk4OTE5NjY0MzkxNzA2MzA1NQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPtbkbsYJDmKulPwgH0vToE&google_cver=1

43 B
398 B

50ms
15ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPtbkbsYJDmKulPwgH0vToE&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 30 Jun 2023 15:51:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPtbkbsYJDmKulPwgH0vToE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3781
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENl3kINV0NV7TUDf2CO6_l4&google_cver=1&google_push=AaAOQGH8x3NBPrbxNI9Wzg4X6vNWJqztY-c89DeQSGo4OmYelngyM1LxN7GTcNCSmDG4Xr0xFX8tQGRELPf...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGH8x3NBPrbxNI9Wzg4X6vNWJqztY-c89DeQSGo4OmYelngyM1LxN7GTcNCSmDG4Xr0xFX8tQGRELPfc_8M0PVjrHs0XxLs&google_hm=AZZW409yQMmlQ1YW9w8L8oI

170 B
188 B

23ms
23ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGH8x3NBPrbxNI9Wzg4X6vNWJqztY-c89DeQSGo4OmYelngyM1LxN7GTcNCSmDG4Xr0xFX8tQGRELPfc_8M0PVjrHs0XxLs&google_hm=AZZW409yQMmlQ1YW9w8L8oI

Requested by

Host: d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com
URL: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGH8x3NBPrbxNI9Wzg4X6vNWJqztY-c89DeQSGo4OmYelngyM1LxN7GTcNCSmDG4Xr0xFX8tQGRELPfc_8M0PVjrHs0XxLs&google_hm=AZZW409yQMmlQ1YW9w8L8oI
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3781
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESELHXfIfjCi5MCIiYcEvf80I&google_cver=1&google_push=AaAOQGFu6Hpn5gaVupX8qE0VdvpV5qw6HhQOWZYsZ3CWMQn7ccBGLSeuhXhED32cTu42c8lpCVnge2_DBHUrwjKdRt9_5zY...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESELHXfIfjCi5MCIiYcEvf80I&google_cver=1&google_push=AaAOQGFu6Hpn5gaVupX8qE0VdvpV5qw6HhQOWZYsZ3CWMQn7ccBGLSeuhXhED32cTu42c8lpCVnge2_DBHUrwjKdRt9_5...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFu6Hpn5gaVupX8qE0VdvpV5qw6HhQOWZYsZ3CWMQn7ccBGLSeuhXhED32cTu42c8lpCVnge2_DBHUrwjKdRt9_5zYsVzE

170 B
188 B

28ms
28ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFu6Hpn5gaVupX8qE0VdvpV5qw6HhQOWZYsZ3CWMQn7ccBGLSeuhXhED32cTu42c8lpCVnge2_DBHUrwjKdRt9_5zYsVzE

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFu6Hpn5gaVupX8qE0VdvpV5qw6HhQOWZYsZ3CWMQn7ccBGLSeuhXhED32cTu42c8lpCVnge2_DBHUrwjKdRt9_5zYsVzE
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 dds
rtb.openx.net/sync/ Frame 3781 43 B
245 B 70ms
19ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEENwrK-4pdp3vb35pn0OHxo&google_cver=1&google_push=AaAOQGFNE8_5re3-3rpKh1lcYayqD_4sIFFiWINW827iaq8rKsjVcNNO7qR3QU3hkLb1nHq-douBlrzBlajjuDSmJ1sTJbgaH6jR
Requested by: Host: d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com
URL: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3781
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMOsYBIwvH6tqSwiQfmlz3w&google_cver=1&google_push=AaAOQGEI2r-QGK_v2QDumco57e6JztuCnWiHzsDHFqCcznddDuKkoDKqSa11xZGW63sDzECbjXFiQHs0KbZVVsed4...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMOsYBIwvH6tqSwiQfmlz3w&google_cver=1&google_push=AaAOQGEI2r-QGK_v2QDumco57e6JztuCnWiHzsDHFqCcznddDuKkoDKqSa11xZGW63sDzECbjXFiQHs0KbZVVsed4...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGEI2r-QGK_v2QDumco57e6JztuCnWiHzsDHFqCcznddDuKkoDKqSa11xZGW63sDzECbjXFiQHs0KbZVVsed4dKNNxVweqc&google_hm=G5y3pGZHFHnuOE_-RU2c2nKN

170 B
188 B

24ms
24ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGEI2r-QGK_v2QDumco57e6JztuCnWiHzsDHFqCcznddDuKkoDKqSa11xZGW63sDzECbjXFiQHs0KbZVVsed4dKNNxVweqc&google_hm=G5y3pGZHFHnuOE_-RU2c2nKN

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 30 Jun 2023 15:51:59 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGEI2r-QGK_v2QDumco57e6JztuCnWiHzsDHFqCcznddDuKkoDKqSa11xZGW63sDzECbjXFiQHs0KbZVVsed4dKNNxVweqc&google_hm=G5y3pGZHFHnuOE_-RU2c2nKN
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3781
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKMnB42EXNXkdgFLM3KlLAE&google_cver=1&google_push=AaAOQGHOzjXtoV14i8_uYZghXS8uP_V0mtXCbJ2Azi5fDBQsLN-BBBsxwLN2sNb8B7BwzYai-gVN0sT16LcXLT95...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGHOzjXtoV14i8_uYZghXS8uP_V0mtXCbJ2Azi5fDBQsLN-BBBsxwLN2sNb8B7BwzYai-gVN0sT16LcXLT95XOp3Vl4891Gz

170 B
188 B

25ms
24ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGHOzjXtoV14i8_uYZghXS8uP_V0mtXCbJ2Azi5fDBQsLN-BBBsxwLN2sNb8B7BwzYai-gVN0sT16LcXLT95XOp3Vl4891Gz

Requested by

Host: d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com
URL: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 30 Jun 2023 15:51:59 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGHOzjXtoV14i8_uYZghXS8uP_V0mtXCbJ2Azi5fDBQsLN-BBBsxwLN2sNb8B7BwzYai-gVN0sT16LcXLT95XOp3Vl4891Gz
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: JF-japQV39OAX0wOtIav6JcpLRqz0Ie69GdP_1AB8iB4iY4ZdtVQCA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3781
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDDQOF8J4MQEE_Bws2nM6LA&google_cver=1&google_push=AaAOQGFodatCpiK0Y3Ayq5_rm8vdIO_cdYOa-bsqPjxcEfv7c1GCwHCvC1mJuSLnr6tILW8UHCBobN9q63LGTJ1SC-Pdhzmyv04Q
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MTQxMTI3MTkxMTM5NjMyMDcxOA%3D%3D&google_push=AaAOQGFodatCpiK0Y3Ayq5_rm8vdIO_cdYOa-bsqPjxcEfv7c1GCwHCv...

170 B
188 B

23ms
22ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MTQxMTI3MTkxMTM5NjMyMDcxOA%3D%3D&google_push=AaAOQGFodatCpiK0Y3Ayq5_rm8vdIO_cdYOa-bsqPjxcEfv7c1GCwHCvC1mJuSLnr6tILW8UHCBobN9q63LGTJ1SC-Pdhzmyv04Q

Requested by

Host: d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com
URL: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MTQxMTI3MTkxMTM5NjMyMDcxOA%3D%3D&google_push=AaAOQGFodatCpiK0Y3Ayq5_rm8vdIO_cdYOa-bsqPjxcEfv7c1GCwHCvC1mJuSLnr6tILW8UHCBobN9q63LGTJ1SC-Pdhzmyv04Q
date: Fri, 30 Jun 2023 15:51:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3781 0
12 B 24ms
23ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KOB2E7S1RjrNNrN8eCPTaUDP5CACYFRdPPTf9dodIb4yNs4_KAFUG0oVJ3uDMmUtRplK7-

Requested by

Host: d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com
URL: https://d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8F85 35 B
464 B 74ms
9ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBDJc1wg2XW751m7VjRqZ0I&google_cver=1&google_push=AaAOQGFxhP8qvk0qXzebdrdY37hdjAaSZ5Un7OaNiBqKmQRSpjDv0nVbjn9oAHzwfkwHA9udPpnDJ3HaGsDSownqf2ROi67V_jI

Requested by

Host: fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
URL: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F85
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEkonzTzeHgMB2Ce1h5m_7s&google_cver=1&google_push=AaAOQGHMnIXR634tTcWZWoda3rzxrTgXVmsossIUXNcPzIIpsLZC4Pkf6LQRhcM_q6nCgAXi_fTo2Y8jLM0hdH2r-RFy...
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084925904550566&expires=30&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGHMnIXR634tTcWZWoda3rzxrTgXVmsossIUXNcPzIIpsLZC4Pkf6LQRhcM_q6nCgAXi_fTo2Y8jLM0hdH2r-RFyzjRn3YhZ&google_hm=UBwHD07HSACSxtI-ipyUWQ==

170 B
188 B

24ms
24ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGHMnIXR634tTcWZWoda3rzxrTgXVmsossIUXNcPzIIpsLZC4Pkf6LQRhcM_q6nCgAXi_fTo2Y8jLM0hdH2r-RFyzjRn3YhZ&google_hm=UBwHD07HSACSxtI-ipyUWQ==

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGHMnIXR634tTcWZWoda3rzxrTgXVmsossIUXNcPzIIpsLZC4Pkf6LQRhcM_q6nCgAXi_fTo2Y8jLM0hdH2r-RFyzjRn3YhZ&google_hm=UBwHD07HSACSxtI-ipyUWQ==
date: Fri, 30 Jun 2023 15:51:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 8F85 43 B
363 B 67ms
17ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEBn7KsWejXjWuVFOmQXMLtE&google_cver=1&google_push=AaAOQGHr1hCBIIe658OCtg1-tSTb9xBAFna2Utn4Wknnw9uT1ePD2TAz39GtIyqIsXploih21SISdM9IUpu6SPpeuvU9y7A4TxnX

Requested by

Host: fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
URL: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:58 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 226996
expires: Fri, 30 Jun 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F85
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMOsYBIwvH6tqSwiQfmlz3w&google_cver=1&google_push=AaAOQGHQZOngZd-OL3molkp-a5KwAR5eZbkzcvXtCL-Vpoxl6aGzXSANo2_I1nqVy8lmmqL3CwVi-UKj4gYGaWSV6...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMOsYBIwvH6tqSwiQfmlz3w&google_cver=1&google_push=AaAOQGHQZOngZd-OL3molkp-a5KwAR5eZbkzcvXtCL-Vpoxl6aGzXSANo2_I1nqVy8lmmqL3CwVi-UKj4gYGaWSV6...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGHQZOngZd-OL3molkp-a5KwAR5eZbkzcvXtCL-Vpoxl6aGzXSANo2_I1nqVy8lmmqL3CwVi-UKj4gYGaWSV60a72jOfnACm&google_hm=G5y3pGZHFHnuOE_-RU2c2nKN

170 B
188 B

23ms
23ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGHQZOngZd-OL3molkp-a5KwAR5eZbkzcvXtCL-Vpoxl6aGzXSANo2_I1nqVy8lmmqL3CwVi-UKj4gYGaWSV60a72jOfnACm&google_hm=G5y3pGZHFHnuOE_-RU2c2nKN

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 30 Jun 2023 15:51:59 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGHQZOngZd-OL3molkp-a5KwAR5eZbkzcvXtCL-Vpoxl6aGzXSANo2_I1nqVy8lmmqL3CwVi-UKj4gYGaWSV60a72jOfnACm&google_hm=G5y3pGZHFHnuOE_-RU2c2nKN
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58281/ Frame 8F85 0
125 B 77ms
12ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEA5WXj9ihmRwiQzZMHGEYXE&google_cver=1&google_push=AaAOQGGEFuQAozs282vY4tfgKdPiPX7agad4r3D8cPIb2_VYmc1X0w_KeVVy1LD-or3N2VOL_PHCtMFVFaVHwDBqHr-vwj5C1iA7bw

Requested by

Host: fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
URL: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET /
onetag-sys.com/match/ Frame 8F85 0
0

GET
H2

200

report
sync.teads.tv/um/ Frame 8F85
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOMZTSdyBDYE...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGEGOMmL3HtzPeYHlVLH7hZXWTtmuy_r4cW9VaN4TTP62lr4sDe1h-kEjdsCoDU6n4uGscpn-TplsLz8LO4zi9wPWHOlyZkY
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

31ms
31ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Fri, 30 Jun 2023 15:51:59 GMT
pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8F85 0
12 B 23ms
22ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHIX7RJ0Zsn3YP_6LZj-QfQgf4G1HP1xhqXNEnGf4O90bThXBDJguvs1PKLh20V5abykVx-lA1

Requested by

Host: fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
URL: https://fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK request.php Show response
hal900011.redintelligence.net/ Frame 47F8 4 KB
2 KB 127ms
92ms Script
application/x-javascript 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=a3ad5fa280&subid=&uid=044c077972ee2a1c&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DQpQhO_fOK61HpzSN8iDP9g%26exch_seat%3D20035004448%26mt_aid%3D7593560589312151619%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5a4e649e-fa1f-4b01-ac57-be78a9431de3%26mt_cid%3D5a4e649e-fa1f-4b01-ac57-be78a9431de3%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC7pK1H_qeZMOqBOLExgOcy4SgCc-HjptcwIbZgsYCwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmoAwHIAwKqBNABT9BnaZBLazafM6hdtvC5pwud1Locfec65DXJhgZdmfSoRZz6IWu_hyRlI9ni1mDTf4UkbhCLRfPQFy2JLliX_RuQX4VpkcL_LkvCJgJpRdZ0lrGX852MfgtPFbqm330XIURm1r1aixBfXG_8rgrK76YLX_H48I2pn7dbGL952N38JKrkpe_5QXhRwVwH1AL7TSJFqwBidhJPO5sJ9ZPEWmGxwL7oh_JrY363zfx3Mi2hCC9bYT9Ny2s8XeP8VVbbI9azemkYGEble8zXnB19gYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0nDntIe3vjB7soKu5djBoccfqFcA%2526client%253Dca-pub-5884294479391638%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5884294479391638%26output%3Dhtml%26h%3D250%26slotname%3D3654094576%26adk%3D354510378%26adf%3D816031632%26pi%3Dt.ma~as.3654094576%26w%3D300%26url%3Dhttps%253A%252F%252Fwww.xgcartoon.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1688140318784%26bpp%3D10%26bdt%3D181%26idt%3D192%26shv%3Dr20230627%26mjsv%3Dm202306220101%26ptt%3D5%26saldr%3Dsa%26is_amp%3D1%26correlator%3D2475%26frm%3D24%26ife%3D3%26pv%3D2%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D0%26ish%3D0%26ifk%3D1574007881%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759927%252C44759842%252C44759876%252C31075623%252C31075643%252C42531706%252C44788441%26oid%3D2%26pvsid%3D402142884144516%26uas%3D0%26nvt%3D1%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C0%252C0%26vis%3D1%26rsz%3D%257C%257C%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3D1.mluxl5tghi2l%26fsb%3D1%26dtd%3D204&ancestorOrigins=null&random=2110701679978&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=7593560589312151619&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DQpQhO_fOK61HpzSN8iDP9g%26exch_seat%3D20035004448%26mt_aid%3D7593560589312151619%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5a4e649e-fa1f-4b01-ac57-be78a9431de3%26mt_cid%3D5a4e649e-fa1f-4b01-ac57-be78a9431de3%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC7pK1H_qeZMOqBOLExgOcy4SgCc-HjptcwIbZgsYCwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmoAwHIAwKqBNABT9BnaZBLazafM6hdtvC5pwud1Locfec65DXJhgZdmfSoRZz6IWu_hyRlI9ni1mDTf4UkbhCLRfPQFy2JLliX_RuQX4VpkcL_LkvCJgJpRdZ0lrGX852MfgtPFbqm330XIURm1r1aixBfXG_8rgrK76YLX_H48I2pn7dbGL952N38JKrkpe_5QXhRwVwH1AL7TSJFqwBidhJPO5sJ9ZPEWmGxwL7oh_JrY363zfx3Mi2hCC9bYT9Ny2s8XeP8VVbbI9azemkYGEble8zXnB19gYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0nDntIe3vjB7soKu5djBoccfqFcA%2526client%253Dca-pub-5884294479391638%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e0be2a7430ebc21673c74cf4a3ff644af842be5fc8dc1f661b711e52d64f65df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:51:59 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 41322400097839900951393012371011
Connection: close
Content-Length: 1192
Expires: Fri, 30 Jun 2023 16:51:59 +0200

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ECF7 0
0 47ms
47ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306270101&jk=1260289334728956&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame A170 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14b65418b226b9b98ed0a26834746b01393dc9b4e97e554b5478118eff018521

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame A512 37 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 14:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 14:55:26 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 39BE 3 KB
4 KB 43ms
16ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 596
x-guploader-uploadid: ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2Crmnpz18jzwkcSrRka0Vin0zvZG8cz1UGtKnp7rCSUF%2BNuquvuY9eeB59QuZhr6BKUOI1vWFCh0HeCdb%2BuOywVM7ANTm6qvx%2BYlSXVktfH1%2F3bVgrFcn3U%2ByNqTFQBltgfVKsZeKk3uz1aYO3bn8%2Bv"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7df792e55a28bb5b-FRA
expires: Fri, 30 Jun 2023 16:42:03 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 5F54 2 KB
1 KB 20ms
20ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 161656
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7df792e53b7591d2-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 30 Jun 2023 15:51:59 GMT
expires: Thu, 08 Jun 2023 00:41:56 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zU1jUNKr05Q7lzr0qIX52RoffTeJoaHhxP3hdbXSaHTYjidBdU918mtSfl446lxD5IQ5N2mLr32o9Y0Kh7ti3z3V4B%2FzEgKFPJB%2FYgPAzTZT2hU6yq8c7OIjy9yG%2FK15qZ6gI1M%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 3561 2 KB
2 KB 31ms
31ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a4ad9316204ce252f362c1e9316baab03832a565daa2ac4515fb411cc0c5f69

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQ1LwqHiAXE6JAqlcC3vVW35BfNwGFsgmpW9N%2FpLqhw%2Bt1AO48My7R2V6P1qGxFA1fp90HPhetxFYDjN2sHFJvJbYCQMn%2B%2FuV8Rg%2B%2B3vfxTdzgPtcXoHVOzHXOQEqhhbi8oGuVo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7df792e58dfbbb35-FRA
x-backend-server: aa-reachservice-group-europe-west1-jtn8
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 45ms
35ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7df792e54daabb35-FRA
content-length: 24
content-type: text/plain
date: Fri, 30 Jun 2023 15:51:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBWCqXUZuYxYYlv1xRJuKEViuUOJntCvsnFjIdslTYBXharHB4xtM2bwcDBeeeaZt3uhhIhRcR%2BR4nNnV29VEfZk19g4wr%2FYHANGGHTHrcQDQbXh8nRwBKS8CCdCGBTNiFhMMEA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-jtn8

POST
H3 200 rs Show response
ad4m.at/ Frame 39BE 2 KB
2 KB 37ms
37ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89020ab05ea43c95ed6b8186aa87209cafe5e5a4e52502b92604c34e88e1a4ed

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6JdOUtPehDFis4bKw54ti8q34wrsI5i6oT8CyI%2BTphUgOITOM2SHZ%2FNHohfRVhOhOj7AUIzfTVfVwNYeq6mFL5e58%2BDqiqAq3q7AIjxHXiXfxHa%2FmtitT6BY7ujP5OIAClLGGM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7df792e5ae1fbb35-FRA
x-backend-server: aa-reachservice-group-europe-west1-jtn8
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 30ms
30ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7df792e57dedbb35-FRA
content-length: 24
content-type: text/plain
date: Fri, 30 Jun 2023 15:51:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQTdXg98e3uVWphVRMQ7Z8I07azdHYMwpcnOrH4ZdRHDnZQrwOqknKXSIBdQ3VCw6aRl6STSXEVZGqe7VfHzYWHnQiVykw8iKt2z7458j8znqj9sF4bj%2Bs%2B%2FhCics%2BshcBliERU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-jtn8

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A512 0
10 B 14ms
13ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uKVYWw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame FE1B 10 KB
4 KB 36ms
35ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=600&e=&g=32a6afe3f4b1bd545d636813b36dc454%2F13036054467318027047&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1688140319590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k4tvmdn6hb18gdjv7e8hbbacgpa90j0s30sbj8x8va2k50j24v1bn6n9q5257zht4bnbbm2cabtb0mqq7e0nqzecd7e74d9sat9qg7pbcjy6csw9xwpk0bq28cc5fq6784zcq8r7jefe6p68gvrtmgr8nc2g50hgz0am0hvgb0tzgf1t3z760s54s8cpj8g85wp6ggmr6r6354ptmjpcbv6g8wz8mcf676qjm5t5em12ha6pfzk32m55m57xtfcvsfvzk83zhg699yzpfrkh1b6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

451c10fe69bead722a7bc2493ed3291fad1bba2430379cc7ae17391af69616ae

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hkrnn6e0etd8pdf34retfawjv9xm9ecmav5vg94zsw1tqykt4kkbn9njyct8srdb01m1tpa8ewh9qa5sr0qnk1b47e6jtardk51w3ezcva1h0e3h2zgj39b9jvf7w75wm778ws053236ztpz9htdatvyj42qe8jhdcsccwq0zrza7zkc6vdyqqbt41p0kt3b7nrtwg563mmm8agfsc1tnnyeexh451q2vph8m2g9qgs017b6fny43npndxxt56n09vbqwgntyez13etfy5c8x4gk00yygy7xdzxt25qa4t878phaa17cdzspvkqeaw4nvn7fmwhfjtnfm5f0920znc7t9tmsv9pztvprnzcsyrqr44rg0f8pyjfv13cxganj7c52crnrz4qxmkd9r0g07h0z2ty2fvpyyywcdrg0yhpygw5z7v0fx48pyydgvcmdcwr88j1gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7df792e5cc3091d2-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:59 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 2D52 0
366 B 149ms
81ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=41322400097839900951393012371011&t=htlp&gdpr=1&consent=1&gdpr_consent=li

Requested by

Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=a3ad5fa280&subid=&uid=044c077972ee2a1c&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DQpQhO_fOK61HpzSN8iDP9g%26exch_seat%3D20035004448%26mt_aid%3D7593560589312151619%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5a4e649e-fa1f-4b01-ac57-be78a9431de3%26mt_cid%3D5a4e649e-fa1f-4b01-ac57-be78a9431de3%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC7pK1H_qeZMOqBOLExgOcy4SgCc-HjptcwIbZgsYCwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmoAwHIAwKqBNABT9BnaZBLazafM6hdtvC5pwud1Locfec65DXJhgZdmfSoRZz6IWu_hyRlI9ni1mDTf4UkbhCLRfPQFy2JLliX_RuQX4VpkcL_LkvCJgJpRdZ0lrGX852MfgtPFbqm330XIURm1r1aixBfXG_8rgrK76YLX_H48I2pn7dbGL952N38JKrkpe_5QXhRwVwH1AL7TSJFqwBidhJPO5sJ9ZPEWmGxwL7oh_JrY363zfx3Mi2hCC9bYT9Ny2s8XeP8VVbbI9azemkYGEble8zXnB19gYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0nDntIe3vjB7soKu5djBoccfqFcA%2526client%253Dca-pub-5884294479391638%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5884294479391638%26output%3Dhtml%26h%3D250%26slotname%3D3654094576%26adk%3D354510378%26adf%3D816031632%26pi%3Dt.ma~as.3654094576%26w%3D300%26url%3Dhttps%253A%252F%252Fwww.xgcartoon.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1688140318784%26bpp%3D10%26bdt%3D181%26idt%3D192%26shv%3Dr20230627%26mjsv%3Dm202306220101%26ptt%3D5%26saldr%3Dsa%26is_amp%3D1%26correlator%3D2475%26frm%3D24%26ife%3D3%26pv%3D2%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D0%26ish%3D0%26ifk%3D1574007881%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759927%252C44759842%252C44759876%252C31075623%252C31075643%252C42531706%252C44788441%26oid%3D2%26pvsid%3D402142884144516%26uas%3D0%26nvt%3D1%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C0%252C0%26vis%3D1%26rsz%3D%257C%257C%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3D1.mluxl5tghi2l%26fsb%3D1%26dtd%3D204&ancestorOrigins=null&random=2110701679978&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 0
Content-Type: application/javascript; charset=utf-8
Date: Fri, 30 Jun 2023 15:51:59 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: B2A2D182:EE28_91EFC182:01BB_649EFA1F_5E371B2:25BD2

GET
H2 200 / Show response
adv.office-partner.de/ Frame 02F0 930 B
931 B 61ms
6ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=a3ad5fa280&subid=&uid=044c077972ee2a1c&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DQpQhO_fOK61HpzSN8iDP9g%26exch_seat%3D20035004448%26mt_aid%3D7593560589312151619%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D5a4e649e-fa1f-4b01-ac57-be78a9431de3%26mt_cid%3D5a4e649e-fa1f-4b01-ac57-be78a9431de3%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC7pK1H_qeZMOqBOLExgOcy4SgCc-HjptcwIbZgsYCwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmoAwHIAwKqBNABT9BnaZBLazafM6hdtvC5pwud1Locfec65DXJhgZdmfSoRZz6IWu_hyRlI9ni1mDTf4UkbhCLRfPQFy2JLliX_RuQX4VpkcL_LkvCJgJpRdZ0lrGX852MfgtPFbqm330XIURm1r1aixBfXG_8rgrK76YLX_H48I2pn7dbGL952N38JKrkpe_5QXhRwVwH1AL7TSJFqwBidhJPO5sJ9ZPEWmGxwL7oh_JrY363zfx3Mi2hCC9bYT9Ny2s8XeP8VVbbI9azemkYGEble8zXnB19gYAGvPauzefAiI4PoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0nDntIe3vjB7soKu5djBoccfqFcA%2526client%253Dca-pub-5884294479391638%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5884294479391638%26output%3Dhtml%26h%3D250%26slotname%3D3654094576%26adk%3D354510378%26adf%3D816031632%26pi%3Dt.ma~as.3654094576%26w%3D300%26url%3Dhttps%253A%252F%252Fwww.xgcartoon.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1688140318784%26bpp%3D10%26bdt%3D181%26idt%3D192%26shv%3Dr20230627%26mjsv%3Dm202306220101%26ptt%3D5%26saldr%3Dsa%26is_amp%3D1%26correlator%3D2475%26frm%3D24%26ife%3D3%26pv%3D2%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D0%26ish%3D0%26ifk%3D1574007881%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759927%252C44759842%252C44759876%252C31075623%252C31075643%252C42531706%252C44788441%26oid%3D2%26pvsid%3D402142884144516%26uas%3D0%26nvt%3D1%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C0%252C0%26vis%3D1%26rsz%3D%257C%257C%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3D1.mluxl5tghi2l%26fsb%3D1%26dtd%3D204&ancestorOrigins=null&random=2110701679978&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 30 Jun 2023 15:51:59 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 07 Jul 2023 15:51:59 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 47F8 0
366 B 167ms
98ms Script
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=41322400097839900951393012371011&t=htlp&gdpr=1&consent=1&gdpr_consent=li

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:51:59 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B2A2D182:EE2A_91EFC182:01BB_649EFA1F_5E3420B:25BD0
X-IPLB-Instance: 40027
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 47F8 43 B
382 B 157ms
82ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=41322400097839900951393012371011&t=htlp&gdpr=1&consent=1&gdpr_consent=li

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:51:59 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B2A2D182:EE2C_91EFC182:01BB_649EFA1F_5EBBEB0:1ECFB
X-IPLB-Instance: 40028
Content-Type: image/gif
Keep-Alive: timeout=20
Content-Length: 43
Proxy-Host: pv.medialead.de

GET
H/1.1

200
OK

inv.gif
img.tradedoubler.com/images/ Frame 47F8
Redirect Chain

https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(41322400097839900951393012371011)038191239
https://img.tradedoubler.com/images/inv.gif

43 B
644 B

39ms
8ms

Image
image/gif

13.224.189.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.tradedoubler.com/images/inv.gif

Requested by

Protocol

HTTP/1.1

Server

13.224.189.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-110.fra2.r.cloudfront.net

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Sun, 25 Jun 2023 01:15:09 GMT
Via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA2-C1
Age: 484610
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 19 Nov 2004 15:35:04 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/gif
Accept-Ranges: bytes
X-Amz-Cf-Id: phcRm5fwRHhp1_aPHpgfgyhjpvS_GI8l_8yDXe_jO-IYbOhAhQTTHg==

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
location: https://img.tradedoubler.com/images/inv.gif
access-control-allow-origin: *
content-type: text/html; charset=ISO-8859-1
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 0AA6 10 KB
4 KB 30ms
29ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197101%2C19491%2C117569&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=120&d=600&e=&g=cec007dfa414ff6fe22407247645e766%2F4285040248829333530&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1688140319618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmnmyma0p1hrrcxtdx0rt6bgs0bpmt7dymyx7rhjtpyfseyk1n7znsjf95d6nszqbjykbv49203zf06150bb61d9rf02t42c98h6xs2649pb2ak1n796gdbnx8w6s6rxr22yyjdcw0ry46zn6wbhhvhx0m74m1t311rjffmedtxxp8dny3aeykp2bptdwzbdms6q1km3ayfsm9dhp0d48g7k9bwyqqxx445vw57ta2fvgcn2555nj0pjehqhf8dhdd0sa8ns2ykswqwmd2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2738c8a7e1e398476f23b5a30d867e1aac66820a55e6d0e6bdd43a4adc7b254e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jrdp73bm3mns93cqw4s4rfpbp6pd6xn0q898x0y7098js8d1zpxmw581asbgf53t26eqxpk3eskp350szyfmv0b0bsm7jpb4f4xsq0nya19zghfh71qr0kbbwcrtqmq6qbg0e6ce8y04gy8g5bxypxbacvrvrrff35y8r79js5avtfms2vtd3n3ms7ytmj9bh5xtdkstazt2zpjxwebg341xnvwwyxaskx7cm82161h67wtgps11gay8y45k0we0fvfk6tsz56kzpsyx2pj37bnckc3d1msfhgzdktdzxavvg66661eqkdnztb66j748t6hkcpe0gbm073s241vxmrwqx36nw7wb2fynjkdv20jmqwkrg1k0f1t9j6z8dhvny42md3a5v2cyk07a08erhq6hvsbppvhwbzxj9y1ywrwp86441mbp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7df792e5ec5191d2-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:51:59 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame FE1B 114 KB
14 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=600&e=&g=32a6afe3f4b1bd545d636813b36dc454%2F13036054467318027047&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1688140319590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k4tvmdn6hb18gdjv7e8hbbacgpa90j0s30sbj8x8va2k50j24v1bn6n9q5257zht4bnbbm2cabtb0mqq7e0nqzecd7e74d9sat9qg7pbcjy6csw9xwpk0bq28cc5fq6784zcq8r7jefe6p68gvrtmgr8nc2g50hgz0am0hvgb0tzgf1t3z760s54s8cpj8g85wp6ggmr6r6354ptmjpcbv6g8wz8mcf676qjm5t5em12ha6pfzk32m55m57xtfcvsfvzk83zhg699yzpfrkh1b6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=600&e=&g=32a6afe3f4b1bd545d636813b36dc454%2F13036054467318027047&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1688140319590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k4tvmdn6hb18gdjv7e8hbbacgpa90j0s30sbj8x8va2k50j24v1bn6n9q5257zht4bnbbm2cabtb0mqq7e0nqzecd7e74d9sat9qg7pbcjy6csw9xwpk0bq28cc5fq6784zcq8r7jefe6p68gvrtmgr8nc2g50hgz0am0hvgb0tzgf1t3z760s54s8cpj8g85wp6ggmr6r6354ptmjpcbv6g8wz8mcf676qjm5t5em12ha6pfzk32m55m57xtfcvsfvzk83zhg699yzpfrkh1b6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 189533
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVGd0rcjdV2JFBtfLPDoSYwXScwSLU7QVdw8OquF8inpgBDlJmg%2BPxvldCaL6L5CI3WIPXs%2B7p%2BBmjUedMZVx1k7MSF3fqaq4fhUJTKWK9CxNUvscIN8znVG5o5GtOWFWIPhQgidjOs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7df792e60c6691d2-FRA
expires: Fri, 30 Jun 2023 16:51:59 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame FE1B 2 KB
3 KB 27ms
18ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=600&e=&g=32a6afe3f4b1bd545d636813b36dc454%2F13036054467318027047&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1688140319590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k4tvmdn6hb18gdjv7e8hbbacgpa90j0s30sbj8x8va2k50j24v1bn6n9q5257zht4bnbbm2cabtb0mqq7e0nqzecd7e74d9sat9qg7pbcjy6csw9xwpk0bq28cc5fq6784zcq8r7jefe6p68gvrtmgr8nc2g50hgz0am0hvgb0tzgf1t3z760s54s8cpj8g85wp6ggmr6r6354ptmjpcbv6g8wz8mcf676qjm5t5em12ha6pfzk32m55m57xtfcvsfvzk83zhg699yzpfrkh1b6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 484337
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JpqmVhCNNDbh%2BePtCcQswzXZT%2FOY2r3Gq4P9U0SaqymnolGLM0fOIwOmd6JYPnEiqPuwYSDhQGfiHh0cWbTxNHCmem7%2B%2BN5pHWEXm%2Fw87pdgj1roDjcf7aeRRIYBbtGl6gieL816qvtqS17"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7df792e60ba59ba0-FRA
expires: Sat, 01 Jul 2023 15:51:59 GMT

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame FE1B 253 KB
254 KB 27ms
18ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=600&e=&g=32a6afe3f4b1bd545d636813b36dc454%2F13036054467318027047&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1688140319590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k4tvmdn6hb18gdjv7e8hbbacgpa90j0s30sbj8x8va2k50j24v1bn6n9q5257zht4bnbbm2cabtb0mqq7e0nqzecd7e74d9sat9qg7pbcjy6csw9xwpk0bq28cc5fq6784zcq8r7jefe6p68gvrtmgr8nc2g50hgz0am0hvgb0tzgf1t3z760s54s8cpj8g85wp6ggmr6r6354ptmjpcbv6g8wz8mcf676qjm5t5em12ha6pfzk32m55m57xtfcvsfvzk83zhg699yzpfrkh1b6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 676048
cf-polished: origFmt=png, origSize=431531
alt-svc: h3=":443"; ma=86400
content-length: 259252
cf-bgj: imgq:85,h2pri
last-modified: Fri, 16 Jun 2023 10:20:07 GMT
server: cloudflare
etag: "16f7fe8ce7119ba0f513f8179ecb2d3a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCtX3m21oQXiOWki6bi%2BnYy%2FiICHRuR%2FRsT5FKiXDDDdurcs9vgbUe2Uasai7IpFjdYfquAAUumLhhByHu5OuBDlhK1l3twCJbImMsvRN8T7D92sHceej5Ao6%2FnPUwzJPGRwdi2N83V2diEW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7df792e60ba69ba0-FRA
expires: Sat, 01 Jul 2023 15:51:59 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame FE1B 43 B
702 B 102ms
75ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=600&e=&g=32a6afe3f4b1bd545d636813b36dc454%2F13036054467318027047&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1688140319590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k4tvmdn6hb18gdjv7e8hbbacgpa90j0s30sbj8x8va2k50j24v1bn6n9q5257zht4bnbbm2cabtb0mqq7e0nqzecd7e74d9sat9qg7pbcjy6csw9xwpk0bq28cc5fq6784zcq8r7jefe6p68gvrtmgr8nc2g50hgz0am0hvgb0tzgf1t3z760s54s8cpj8g85wp6ggmr6r6354ptmjpcbv6g8wz8mcf676qjm5t5em12ha6pfzk32m55m57xtfcvsfvzk83zhg699yzpfrkh1b6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:51:59 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame FE1B 53 KB
54 KB 33ms
25ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=600&e=&g=32a6afe3f4b1bd545d636813b36dc454%2F13036054467318027047&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1688140319590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k4tvmdn6hb18gdjv7e8hbbacgpa90j0s30sbj8x8va2k50j24v1bn6n9q5257zht4bnbbm2cabtb0mqq7e0nqzecd7e74d9sat9qg7pbcjy6csw9xwpk0bq28cc5fq6784zcq8r7jefe6p68gvrtmgr8nc2g50hgz0am0hvgb0tzgf1t3z760s54s8cpj8g85wp6ggmr6r6354ptmjpcbv6g8wz8mcf676qjm5t5em12ha6pfzk32m55m57xtfcvsfvzk83zhg699yzpfrkh1b6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1032078
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rLU%2F8hbgJJeXkkl0th18Fn%2BEBqXZThLvi6G9m6nbESQ%2Bdbw3JcessUXnTdAadhXLdk8SSYza83%2BybUjUgzPKAUb7%2FN86RLPxbDqC4N6%2FHTZ2uyJG3G75nUc6mvRHNaZrtnWKQI6pEeZ48dN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7df792e60ba79ba0-FRA
expires: Sat, 01 Jul 2023 15:51:59 GMT

GET
H2 200 0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame FE1B 22 KB
23 KB 24ms
16ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=600&e=&g=32a6afe3f4b1bd545d636813b36dc454%2F13036054467318027047&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1688140319590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k4tvmdn6hb18gdjv7e8hbbacgpa90j0s30sbj8x8va2k50j24v1bn6n9q5257zht4bnbbm2cabtb0mqq7e0nqzecd7e74d9sat9qg7pbcjy6csw9xwpk0bq28cc5fq6784zcq8r7jefe6p68gvrtmgr8nc2g50hgz0am0hvgb0tzgf1t3z760s54s8cpj8g85wp6ggmr6r6354ptmjpcbv6g8wz8mcf676qjm5t5em12ha6pfzk32m55m57xtfcvsfvzk83zhg699yzpfrkh1b6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 579609
cf-polished: qual=85, origFmt=jpeg, origSize=60344
alt-svc: h3=":443"; ma=86400
content-length: 22974
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 22:26:34 GMT
server: cloudflare
etag: "06609266defcd14ec685b2464aeced2e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrt6nacspz41lS6QuzCc08qt9%2BBHZVe2ATC5u%2Bkn76bV9gk%2FdO5JR5qUbDvfKBYCdQHToeP3CRSyCD0kw3unxMPnrU2nYNDkfbluz7pqeenXHycvC5KUuoCF4jnklthDRG3bcy9MUraWPhXT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7df792e60ba49ba0-FRA
expires: Sat, 01 Jul 2023 15:51:59 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame FE1B
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CObT2-Cs6_8CFc3huwgdp84JmQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023063017515986382739463X117703V1226132702MSviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suit...

49 B
1 KB

105ms
32ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023063017515986382739463X117703V1226132702MSviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023063017515986382739463X117703V1226132702MSviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=600&e=&g=32a6afe3f4b1bd545d636813b36dc454%2F13036054467318027047&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1688140319590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k4tvmdn6hb18gdjv7e8hbbacgpa90j0s30sbj8x8va2k50j24v1bn6n9q5257zht4bnbbm2cabtb0mqq7e0nqzecd7e74d9sat9qg7pbcjy6csw9xwpk0bq28cc5fq6784zcq8r7jefe6p68gvrtmgr8nc2g50hgz0am0hvgb0tzgf1t3z760s54s8cpj8g85wp6ggmr6r6354ptmjpcbv6g8wz8mcf676qjm5t5em12ha6pfzk32m55m57xtfcvsfvzk83zhg699yzpfrkh1b6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:51:59 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023063017515986382739463X117703V1226132702MSviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023063017515986382739463X117703V1226132702MSviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117703&partnerid=12218
date: Fri, 30 Jun 2023 15:51:59 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame FE1B 10 KB
10 KB 23ms
16ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=600&e=&g=32a6afe3f4b1bd545d636813b36dc454%2F13036054467318027047&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1688140319590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k4tvmdn6hb18gdjv7e8hbbacgpa90j0s30sbj8x8va2k50j24v1bn6n9q5257zht4bnbbm2cabtb0mqq7e0nqzecd7e74d9sat9qg7pbcjy6csw9xwpk0bq28cc5fq6784zcq8r7jefe6p68gvrtmgr8nc2g50hgz0am0hvgb0tzgf1t3z760s54s8cpj8g85wp6ggmr6r6354ptmjpcbv6g8wz8mcf676qjm5t5em12ha6pfzk32m55m57xtfcvsfvzk83zhg699yzpfrkh1b6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1537826
cf-polished: qual=85, origFmt=jpeg, origSize=58124
alt-svc: h3=":443"; ma=86400
content-length: 9782
cf-bgj: imgq:85,h2pri
last-modified: Fri, 08 Jul 2022 10:19:52 GMT
server: cloudflare
etag: "b4342e277c43aad9c5020a04564bfd1e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9EOaa%2FOaNluzLn6Plp4iExZxXjirqO6rHWTFiSHJZ5k1plKHdqzNQLC%2FU3rs6wecyQs2O%2BI889egMbfsqvTRosldV55fqI3Yf3cI1gYhHkAKlmZztsv7YtnAXlUW3CzYJ25wN8H2ob5gt2j"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7df792e60ba19ba0-FRA
expires: Sat, 01 Jul 2023 15:51:59 GMT

GET
H2 200 7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
assets.ad4m.at/product_image/ Frame FE1B 51 KB
51 KB 32ms
25ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=600&e=&g=32a6afe3f4b1bd545d636813b36dc454%2F13036054467318027047&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1688140319590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k4tvmdn6hb18gdjv7e8hbbacgpa90j0s30sbj8x8va2k50j24v1bn6n9q5257zht4bnbbm2cabtb0mqq7e0nqzecd7e74d9sat9qg7pbcjy6csw9xwpk0bq28cc5fq6784zcq8r7jefe6p68gvrtmgr8nc2g50hgz0am0hvgb0tzgf1t3z760s54s8cpj8g85wp6ggmr6r6354ptmjpcbv6g8wz8mcf676qjm5t5em12ha6pfzk32m55m57xtfcvsfvzk83zhg699yzpfrkh1b6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a7f4c8a9af17cac4c92d0fad28e07cc781825be9dd19da205c028b2a49e634a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71615
cf-polished: qual=85, origFmt=jpeg, origSize=128978
alt-svc: h3=":443"; ma=86400
content-length: 52014
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 May 2022 12:16:42 GMT
server: cloudflare
etag: "aa8c145ca1b6cb2be4e511f8f6f2685d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlqpXaKLobdIxb4gGaeWwtTIHyScylBhlqjnYh3fR%2FFRc1gm%2Bt%2BrskoTqRl%2FlYTzbM3buSLnEsoWLLLhy8yWfzjYSlmKHaJTsw%2FZL9VYdNbrsgozLQjw61dWeuNtiqSSVZ6%2FRVJY4M5k5tkJ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7df792e60ba89ba0-FRA
expires: Sat, 01 Jul 2023 15:51:59 GMT

GET
H/1.1 200
OK 2aed39855b5f46b72660fe7fe4b2634f
pv.medialead.de/trck/epv/ Frame FE1B 0
366 B 166ms
100ms Image
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:51:59 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B2A2D182:EE32_91EFC182:01BB_649EFA1F_5EC7FD3:1ECFE
X-IPLB-Instance: 40028
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 0AA6 114 KB
14 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C117569&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=120&d=600&e=&g=cec007dfa414ff6fe22407247645e766%2F4285040248829333530&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1688140319618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmnmyma0p1hrrcxtdx0rt6bgs0bpmt7dymyx7rhjtpyfseyk1n7znsjf95d6nszqbjykbv49203zf06150bb61d9rf02t42c98h6xs2649pb2ak1n796gdbnx8w6s6rxr22yyjdcw0ry46zn6wbhhvhx0m74m1t311rjffmedtxxp8dny3aeykp2bptdwzbdms6q1km3ayfsm9dhp0d48g7k9bwyqqxx445vw57ta2fvgcn2555nj0pjehqhf8dhdd0sa8ns2ykswqwmd2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C117569&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=120&d=600&e=&g=cec007dfa414ff6fe22407247645e766%2F4285040248829333530&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1688140319618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmnmyma0p1hrrcxtdx0rt6bgs0bpmt7dymyx7rhjtpyfseyk1n7znsjf95d6nszqbjykbv49203zf06150bb61d9rf02t42c98h6xs2649pb2ak1n796gdbnx8w6s6rxr22yyjdcw0ry46zn6wbhhvhx0m74m1t311rjffmedtxxp8dny3aeykp2bptdwzbdms6q1km3ayfsm9dhp0d48g7k9bwyqqxx445vw57ta2fvgcn2555nj0pjehqhf8dhdd0sa8ns2ykswqwmd2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 189533
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVK%2FpO0bMdJnopKMpIyKunzoNJP4MBSABgq7VofzWR5bYTSinc%2FAPDnRSF2vGmuys7mQeHAkIClcLAQ4E2w6kxLWkBALaP%2BCtg34JJcPp%2F6prTl%2BgzQTdeO%2BFxa91v2WDGf%2BOgK9qvI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7df792e61c7591d2-FRA
expires: Fri, 30 Jun 2023 16:51:59 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 0AA6 53 KB
54 KB 19ms
19ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C117569&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=120&d=600&e=&g=cec007dfa414ff6fe22407247645e766%2F4285040248829333530&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1688140319618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmnmyma0p1hrrcxtdx0rt6bgs0bpmt7dymyx7rhjtpyfseyk1n7znsjf95d6nszqbjykbv49203zf06150bb61d9rf02t42c98h6xs2649pb2ak1n796gdbnx8w6s6rxr22yyjdcw0ry46zn6wbhhvhx0m74m1t311rjffmedtxxp8dny3aeykp2bptdwzbdms6q1km3ayfsm9dhp0d48g7k9bwyqqxx445vw57ta2fvgcn2555nj0pjehqhf8dhdd0sa8ns2ykswqwmd2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1032078
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83fUW5bInWtbNN4g2SUSN7pcsnKdZYDU5P20jylKiBYS5x1ZSe9Gm8oKpqB%2BdFnIVp7skufwgVcPb5dvBH5HypcGfnmEMhhz2H%2BmRXN2lmJrooeXOxqXqNuxTT7YtUcaMADh5zUtGip%2FvnUv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7df792e61bac9ba0-FRA
expires: Sat, 01 Jul 2023 15:51:59 GMT

GET
H2 200 0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame 0AA6 22 KB
23 KB 24ms
20ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C117569&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=120&d=600&e=&g=cec007dfa414ff6fe22407247645e766%2F4285040248829333530&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1688140319618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmnmyma0p1hrrcxtdx0rt6bgs0bpmt7dymyx7rhjtpyfseyk1n7znsjf95d6nszqbjykbv49203zf06150bb61d9rf02t42c98h6xs2649pb2ak1n796gdbnx8w6s6rxr22yyjdcw0ry46zn6wbhhvhx0m74m1t311rjffmedtxxp8dny3aeykp2bptdwzbdms6q1km3ayfsm9dhp0d48g7k9bwyqqxx445vw57ta2fvgcn2555nj0pjehqhf8dhdd0sa8ns2ykswqwmd2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 579609
cf-polished: qual=85, origFmt=jpeg, origSize=60344
alt-svc: h3=":443"; ma=86400
content-length: 22974
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 22:26:34 GMT
server: cloudflare
etag: "06609266defcd14ec685b2464aeced2e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zug%2FWetfYncuODgphvs9REP83XtO%2FDULP7VS8fTYmqOQe%2FkOFbrCdUcfaN28uTU0rbaBtlLY4Blk6SZ7V1TMC6sljKHnfPlZCaRDp%2FozVVG8e7wVuELwUL1zCJgrZZNLBidCkIS8PGRKSaX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7df792e61bb09ba0-FRA
expires: Sat, 01 Jul 2023 15:51:59 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 0AA6
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLzV2-Cs6_8CFS-GgwcdfEsLyA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023063017515986382739467X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202...

49 B
1 KB

101ms
24ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023063017515986382739467X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023063017515986382739467X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C117569&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=120&d=600&e=&g=cec007dfa414ff6fe22407247645e766%2F4285040248829333530&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1688140319618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmnmyma0p1hrrcxtdx0rt6bgs0bpmt7dymyx7rhjtpyfseyk1n7znsjf95d6nszqbjykbv49203zf06150bb61d9rf02t42c98h6xs2649pb2ak1n796gdbnx8w6s6rxr22yyjdcw0ry46zn6wbhhvhx0m74m1t311rjffmedtxxp8dny3aeykp2bptdwzbdms6q1km3ayfsm9dhp0d48g7k9bwyqqxx445vw57ta2fvgcn2555nj0pjehqhf8dhdd0sa8ns2ykswqwmd2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:51:59 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023063017515986382739467X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023063017515986382739467X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
date: Fri, 30 Jun 2023 15:51:59 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 0AA6 13 KB
14 KB 27ms
24ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C117569&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=120&d=600&e=&g=cec007dfa414ff6fe22407247645e766%2F4285040248829333530&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1688140319618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmnmyma0p1hrrcxtdx0rt6bgs0bpmt7dymyx7rhjtpyfseyk1n7znsjf95d6nszqbjykbv49203zf06150bb61d9rf02t42c98h6xs2649pb2ak1n796gdbnx8w6s6rxr22yyjdcw0ry46zn6wbhhvhx0m74m1t311rjffmedtxxp8dny3aeykp2bptdwzbdms6q1km3ayfsm9dhp0d48g7k9bwyqqxx445vw57ta2fvgcn2555nj0pjehqhf8dhdd0sa8ns2ykswqwmd2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1453396
cf-polished: origSize=24833, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 13494
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziHtfQ8MXgw%2F%2Fe3PIn23gRUGvUA00pG%2B7pfZ9p3rmcOWmQQ5ZdpGQACofi705pek8v0RLxNQSn7Sj%2FcPEGRRCWxDUo4OCQtBhKF1hUKVZ6O1lEZjGAtgyhxI9wwl%2F6JHyg4W4pwAzE2cp9c7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7df792e61bb29ba0-FRA
expires: Sat, 01 Jul 2023 15:51:59 GMT

GET
H2 200 51ECFC013A5F4D4C3D4DC1C255BF8F138C8B8A67556A0A34EA7C631900B254A0EB5547C19BAB6B3133A765FC8201B8BDAD0A142C2E2304A3FBDC1210CDE43179
assets.ad4m.at/ Frame 0AA6 11 KB
11 KB 24ms
21ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/51ECFC013A5F4D4C3D4DC1C255BF8F138C8B8A67556A0A34EA7C631900B254A0EB5547C19BAB6B3133A765FC8201B8BDAD0A142C2E2304A3FBDC1210CDE43179
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C117569&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=120&d=600&e=&g=cec007dfa414ff6fe22407247645e766%2F4285040248829333530&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1688140319618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmnmyma0p1hrrcxtdx0rt6bgs0bpmt7dymyx7rhjtpyfseyk1n7znsjf95d6nszqbjykbv49203zf06150bb61d9rf02t42c98h6xs2649pb2ak1n796gdbnx8w6s6rxr22yyjdcw0ry46zn6wbhhvhx0m74m1t311rjffmedtxxp8dny3aeykp2bptdwzbdms6q1km3ayfsm9dhp0d48g7k9bwyqqxx445vw57ta2fvgcn2555nj0pjehqhf8dhdd0sa8ns2ykswqwmd2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1f1298767e4be7239cf28bb31eaada9d1750fbf45f29b2294fcfd4add302bdd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 673158
cf-polished: qual=85, origFmt=jpeg, origSize=24400
alt-svc: h3=":443"; ma=86400
content-length: 10938
cf-bgj: imgq:85,h2pri
last-modified: Tue, 20 Jun 2023 13:48:21 GMT
server: cloudflare
etag: "e134bc76c0143a9a962b7159f7d67151"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eANiAOJmIA3FUKfKMYYamkFAebc5z7eGYnAW1HYsUg6XKRkXI9mDmmm9Yj20T4Ce6zP5%2F1p7ekMKG0%2FxMbvyuJthOBOWFbazAIsDoHZgyo6VLhULdaNG4c1U6Z7%2BU1XwrbM0AOfNC7bFXjTs"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7df792e61bb49ba0-FRA
expires: Sat, 01 Jul 2023 15:51:59 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 0AA6
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CI_X2-Cs6_8CFYzhuwgdFVQPxw;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023063017515986382739465X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netm...

49 B
1 KB

77ms
28ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023063017515986382739465X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C117569&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=120&d=600&e=&g=cec007dfa414ff6fe22407247645e766%2F4285040248829333530&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1688140319618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmnmyma0p1hrrcxtdx0rt6bgs0bpmt7dymyx7rhjtpyfseyk1n7znsjf95d6nszqbjykbv49203zf06150bb61d9rf02t42c98h6xs2649pb2ak1n796gdbnx8w6s6rxr22yyjdcw0ry46zn6wbhhvhx0m74m1t311rjffmedtxxp8dny3aeykp2bptdwzbdms6q1km3ayfsm9dhp0d48g7k9bwyqqxx445vw57ta2fvgcn2555nj0pjehqhf8dhdd0sa8ns2ykswqwmd2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:51:59 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023063017515986382739465X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
date: Fri, 30 Jun 2023 15:51:59 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 0AA6 2 KB
3 KB 24ms
21ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C117569&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=120&d=600&e=&g=cec007dfa414ff6fe22407247645e766%2F4285040248829333530&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1688140319618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmnmyma0p1hrrcxtdx0rt6bgs0bpmt7dymyx7rhjtpyfseyk1n7znsjf95d6nszqbjykbv49203zf06150bb61d9rf02t42c98h6xs2649pb2ak1n796gdbnx8w6s6rxr22yyjdcw0ry46zn6wbhhvhx0m74m1t311rjffmedtxxp8dny3aeykp2bptdwzbdms6q1km3ayfsm9dhp0d48g7k9bwyqqxx445vw57ta2fvgcn2555nj0pjehqhf8dhdd0sa8ns2ykswqwmd2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 484337
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4yEgcldsy0sA%2Fs3P7w%2BlHxFraFdszyVPNap4gnsOYhztsepE%2FQYjjU3%2B5Nmks6rnpj34ZhG9pzSlaspA5CT1G3k6BWZNMI7zr5VuhkmR8SOiEqwVWGiQraZqplyTSk6Cy7i10OryuN9K66jl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7df792e61bb59ba0-FRA
expires: Sat, 01 Jul 2023 15:51:59 GMT

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 0AA6 253 KB
254 KB 31ms
28ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C117569&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=120&d=600&e=&g=cec007dfa414ff6fe22407247645e766%2F4285040248829333530&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1688140319618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmnmyma0p1hrrcxtdx0rt6bgs0bpmt7dymyx7rhjtpyfseyk1n7znsjf95d6nszqbjykbv49203zf06150bb61d9rf02t42c98h6xs2649pb2ak1n796gdbnx8w6s6rxr22yyjdcw0ry46zn6wbhhvhx0m74m1t311rjffmedtxxp8dny3aeykp2bptdwzbdms6q1km3ayfsm9dhp0d48g7k9bwyqqxx445vw57ta2fvgcn2555nj0pjehqhf8dhdd0sa8ns2ykswqwmd2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 676048
cf-polished: origFmt=png, origSize=431531
alt-svc: h3=":443"; ma=86400
content-length: 259252
cf-bgj: imgq:85,h2pri
last-modified: Fri, 16 Jun 2023 10:20:07 GMT
server: cloudflare
etag: "16f7fe8ce7119ba0f513f8179ecb2d3a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKCZz%2Bfxzu%2Bbnr06yW%2F0yT%2B3vEF4lfTziWn42dLBSmALX0Vxoir53n%2FGlryaViBfHuPFVwShwIRpc3um0nEWnaaYegIeSbZEivLuqua%2BUUKsJ0bz5eXgNestpbqLWj%2FNv5Xve9kRgr9pNGOv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7df792e61bb69ba0-FRA
expires: Sat, 01 Jul 2023 15:51:59 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 0AA6 43 B
702 B 90ms
71ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSWoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C117569&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=120&d=600&e=&g=cec007dfa414ff6fe22407247645e766%2F4285040248829333530&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1688140319618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmnmyma0p1hrrcxtdx0rt6bgs0bpmt7dymyx7rhjtpyfseyk1n7znsjf95d6nszqbjykbv49203zf06150bb61d9rf02t42c98h6xs2649pb2ak1n796gdbnx8w6s6rxr22yyjdcw0ry46zn6wbhhvhx0m74m1t311rjffmedtxxp8dny3aeykp2bptdwzbdms6q1km3ayfsm9dhp0d48g7k9bwyqqxx445vw57ta2fvgcn2555nj0pjehqhf8dhdd0sa8ns2ykswqwmd2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 15:51:59 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A49E 42 B
64 B 51ms
49ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdOTIPkHJODNABso94TY7UUXGDmgcnPpx1r2GkfIYjMVNC1vxtN1UJ9MHSYmk1MCOL2dxMKF65HfQZuVttC4POk4c&sig=Cg0ArKJSzF7ygvZ2TlzaEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688140318515&rpt=181&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 02F0 116 KB
45 KB 64ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5980201b999142f4ad04c615d7a64cf9fcd1193e529bda1f7e2f2d3d5e5fff97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45447
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Jun 2023 15:51:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 02F0 260 KB
88 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

49770ff663b41cf03fd8dd0c17dedb6a7ed890398690c9b36a71fdf64665c17a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90005
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 30 Jun 2023 15:51:59 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 47F8 2 KB
2 KB 125ms
62ms Script
text/html 18.169.71.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=41322400097839900951393012371011&nw=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=354510378&adf=816031632&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688140318784&bpp=10&bdt=181&idt=192&shv=r20230627&mjsv=m202306220101&ptt=5&saldr=sa&is_amp=1&correlator=2475&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1574007881&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31075623%2C31075643%2C42531706%2C44788441&oid=2&pvsid=402142884144516&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mluxl5tghi2l&fsb=1&dtd=204
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.71.137 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-71-137.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 916f7bea552b5464c1b61c30caafb0689a2b1a238d5ac6762f4adbbb76b19a01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
last-modified: Fri, 30 Jun 2023 15:51:59 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 30 Jun 2023 15:52:59 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900011.redintelligence.net/ Frame D930 7 KB
2 KB 49ms
12ms Document
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request_content.php?s=41322400097839900951393012371011&a=9a2d3341
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=354510378&adf=816031632&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688140318784&bpp=10&bdt=181&idt=192&shv=r20230627&mjsv=m202306220101&ptt=5&saldr=sa&is_amp=1&correlator=2475&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1574007881&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31075623%2C31075643%2C42531706%2C44788441&oid=2&pvsid=402142884144516&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mluxl5tghi2l&fsb=1&dtd=204
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 511b9fc639173fd7bb110414c8ef2ade015465bcaeec25a9f25f1a73d00d4b66

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2027
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 15:51:59 GMT
Expires: Fri, 30 Jun 2023 16:51:59 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 60E5 1 KB
643 B 25ms
24ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 07:36:12 GMT
etag: 48472445140208031
expires: Sat, 01 Jul 2023 07:36:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/ Frame 47F8 0
145 B 127ms
32ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/postback?oz_pl=1&c1=4562306&r1=2a00%3Ac98%3A2050%3A%3A&r3=&ti=7593560589312151619&pp=pub-5884294479391638&dm=300x250&cr=6622326&r2=&ci=619621&di=https%3A%2F%2Fwww.xgcartoon.com&ui=6e5249b3-0d17-b7be-0000-000000000000&sr=4&de=43000&dt=6196211556140246740000&ap=&si=464927259&ai=216536&pd=avt&pv=56059914-39ee-48c1-a5e5-9cb9ec177524&ac=651871&psv=2.96.2&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.xgcartoon.com&ui=6e5249b3-0d17-b7be-0000-000000000000&ap=&ti=7593560589312151619&pv=56059914-39ee-48c1-a5e5-9cb9ec177524&pp=pub-5884294479391638&sr=4&de=43000&si=464927259&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a00:c98:2050::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 30 Jun 2023 15:51:59 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.mediamathtag.com/2/2.96.2/ Frame 47F8 176 KB
53 KB 31ms
30ms Script
text/javascript 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/2.96.2/main.js

Requested by

Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.xgcartoon.com&ui=6e5249b3-0d17-b7be-0000-000000000000&ap=&ti=7593560589312151619&pv=56059914-39ee-48c1-a5e5-9cb9ec177524&pp=pub-5884294479391638&sr=4&de=43000&si=464927259&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a00:c98:2050::&r2=&r3=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-209-222.eu-west-1.compute.amazonaws.com

Software

Resource Hash

f2375555345dc99cf98577de9d68ba9ae155ec3d2c412745700f7a68baf2ab8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:51:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 54294
Expires: Mon, 08 Mar 2055 17:28:29 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 60E5
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMLEZ4QwIwMrWhlHLcmU-Ao&google_cver=1&google_push=AaAOQGH_JhX0resq_003qt43VLRDN-vjeEiXHzxXD3hicww92uLmcIicwFS2CyRBKLqySZf61hamp5A76HUvn_sC0JvQTybz1to&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMLEZ4QwIwMrWhlHLcmU-Ao&google_cver=1&google_push=AaAOQGH_JhX0resq_003qt43VLRDN-vjeEiXHzxXD3hicww92uLmcIicwFS2CyRBKLqySZf61hamp5A76HUvn_sC0JvQTybz1to...

43 B
422 B

190ms
181ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMLEZ4QwIwMrWhlHLcmU-Ao&google_cver=1&google_push=AaAOQGH_JhX0resq_003qt43VLRDN-vjeEiXHzxXD3hicww92uLmcIicwFS2CyRBKLqySZf61hamp5A76HUvn_sC0JvQTybz1to&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGH_JhX0resq_003qt43VLRDN-vjeEiXHzxXD3hicww92uLmcIicwFS2CyRBKLqySZf61hamp5A76HUvn_sC0JvQTybz1to%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:52:00 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7df792e88979bbc8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:52:00 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 133
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMLEZ4QwIwMrWhlHLcmU-Ao&google_cver=1&google_push=AaAOQGH_JhX0resq_003qt43VLRDN-vjeEiXHzxXD3hicww92uLmcIicwFS2CyRBKLqySZf61hamp5A76HUvn_sC0JvQTybz1to&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGH_JhX0resq_003qt43VLRDN-vjeEiXHzxXD3hicww92uLmcIicwFS2CyRBKLqySZf61hamp5A76HUvn_sC0JvQTybz1to%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7df792e74f02bbc8-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60E5
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMMVUM9OWSjlO28jBeetlBA&google_cver=1&google_push=AaAOQGGOSoE-NbE8WeF6OsY3uhSB5DJZJAD6lUqHE15L0mXAub-cr5fxE4ADmmgk_87Psi5XGd5BXRG2Gi_FHDf_yrWVYpEZYSo
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=891AC26B68B24EEC89E85213AD65CD96&google_push=AaAOQGGOSoE-NbE8WeF6OsY3uhSB5DJZJAD6lUqHE15L0mXAub-cr5fxE4ADmmgk_87Psi5XGd5BXRG2Gi_FHDf...

170 B
188 B

24ms
24ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=891AC26B68B24EEC89E85213AD65CD96&google_push=AaAOQGGOSoE-NbE8WeF6OsY3uhSB5DJZJAD6lUqHE15L0mXAub-cr5fxE4ADmmgk_87Psi5XGd5BXRG2Gi_FHDf_yrWVYpEZYSo

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 30 Jun 2023 15:51:59 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=891AC26B68B24EEC89E85213AD65CD96&google_push=AaAOQGGOSoE-NbE8WeF6OsY3uhSB5DJZJAD6lUqHE15L0mXAub-cr5fxE4ADmmgk_87Psi5XGd5BXRG2Gi_FHDf_yrWVYpEZYSo
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 29 Jun 2023 15:51:59 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 60E5 70 B
265 B 103ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJqVDArBZYEzcPUx9CEKytY&google_cver=1&google_push=AaAOQGGpch8wHpPTi-9KpAKYGPXPj8DEsPbRyO_75KJeHZA2bWQwwNOoMb7dZG7Rg6pIPhXoxzYk6LVM-ezkzDqO-Im2p995Gg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=354510378&adf=816031632&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688140318784&bpp=10&bdt=181&idt=192&shv=r20230627&mjsv=m202306220101&ptt=5&saldr=sa&is_amp=1&correlator=2475&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1574007881&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31075623%2C31075643%2C42531706%2C44788441&oid=2&pvsid=402142884144516&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mluxl5tghi2l&fsb=1&dtd=204
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60E5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHMps6oVj6Nz8h93nIItHyc&google_cver=1&google_push=AaAOQGFVR-T0-9dOFqxLzcaOqK05ZvyMKWvTfPr5xx2PQ3pZbSCtFf0XVtnohsOGwvjsz5HCsXaHt8NlEtMCuEok62cSRS0...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFVR-T0-9dOFqxLzcaOqK05ZvyMKWvTfPr5xx2PQ3pZbSCtFf0XVtnohsOGwvjsz5HCsXaHt8NlEtMCuEok62cSRS0ZCyc&google_hm=eS02cm4xLkRaRTJwR0tHbHJ...

170 B
188 B

26ms
26ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFVR-T0-9dOFqxLzcaOqK05ZvyMKWvTfPr5xx2PQ3pZbSCtFf0XVtnohsOGwvjsz5HCsXaHt8NlEtMCuEok62cSRS0ZCyc&google_hm=eS02cm4xLkRaRTJwR0tHbHJvWURLNEZiYmF3TEppNXhXSX5B

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 30 Jun 2023 15:51:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFVR-T0-9dOFqxLzcaOqK05ZvyMKWvTfPr5xx2PQ3pZbSCtFf0XVtnohsOGwvjsz5HCsXaHt8NlEtMCuEok62cSRS0ZCyc&google_hm=eS02cm4xLkRaRTJwR0tHbHJvWURLNEZiYmF3TEppNXhXSX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60E5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIQJTPBMjWf8p34FDbKgwhQ&google_cver=1&google_push=AaAOQGHhYtlNmgSfFEg7CHubnsoRw_YB7hsS7pM4FR8XinUeUBiHGi2ayqVytalvjbt3gYK4kFK...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpJUjVSQVMtMUwtTUI3WA==&google_push=AaAOQGHhYtlNmgSfFEg7CHubnsoRw_YB7hsS7pM4FR8XinUeUBiHGi2ayqVytalvjbt3gYK4kFKFaLE8Fi4tVcQ90-Fp23i4Lw

170 B
188 B

25ms
25ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpJUjVSQVMtMUwtTUI3WA==&google_push=AaAOQGHhYtlNmgSfFEg7CHubnsoRw_YB7hsS7pM4FR8XinUeUBiHGi2ayqVytalvjbt3gYK4kFKFaLE8Fi4tVcQ90-Fp23i4Lw

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpJUjVSQVMtMUwtTUI3WA==&google_push=AaAOQGHhYtlNmgSfFEg7CHubnsoRw_YB7hsS7pM4FR8XinUeUBiHGi2ayqVytalvjbt3gYK4kFKFaLE8Fi4tVcQ90-Fp23i4Lw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60E5
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEBo0-xaD2gGCP8SoKhofw4I&google_cver=1&google_push=AaAOQGELvm3DRXbt3wsr_3oADeJowRS9qUz6jbm7pkG_cdG3_2gZPXmBEvnBe6BIB54UPHcsBUS5cZY85P5qqwYdnzT9LT...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mF4eF1qLQ7KL0bipnEAqTQ&google_push=AaAOQGELvm3DRXbt3wsr_3oADeJowRS9qUz6jbm7pkG_cdG3_2gZPXmBEvnBe6BIB54UPHcsBUS5cZY85P5qqwY...

170 B
188 B

25ms
25ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mF4eF1qLQ7KL0bipnEAqTQ&google_push=AaAOQGELvm3DRXbt3wsr_3oADeJowRS9qUz6jbm7pkG_cdG3_2gZPXmBEvnBe6BIB54UPHcsBUS5cZY85P5qqwYdnzT9LTDXx94

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mF4eF1qLQ7KL0bipnEAqTQ&google_push=AaAOQGELvm3DRXbt3wsr_3oADeJowRS9qUz6jbm7pkG_cdG3_2gZPXmBEvnBe6BIB54UPHcsBUS5cZY85P5qqwYdnzT9LTDXx94
access-control-allow-origin: *
date: Fri, 30 Jun 2023 15:51:59 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 60E5
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDDQOF8J4MQEE_Bws2nM6LA&google_cver=1&google_push=AaAOQGGVB_Wrh3CgFq-UaCMX0pQRyI3C88BuzmenRB5Tqgg1REcve8cxpF7jQMSZctIOJgoVaJPlNq0S-8ZrPvFPKUrSqZ-XX0s
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MTQxMTI3MTkxMTM5NjMyMDcxOA%3D%3D&google_push=AaAOQGGVB_Wrh3CgFq-UaCMX0pQRyI3C88BuzmenRB5Tqgg1REcve8cx...

170 B
188 B

25ms
25ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MTQxMTI3MTkxMTM5NjMyMDcxOA%3D%3D&google_push=AaAOQGGVB_Wrh3CgFq-UaCMX0pQRyI3C88BuzmenRB5Tqgg1REcve8cxpF7jQMSZctIOJgoVaJPlNq0S-8ZrPvFPKUrSqZ-XX0s

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTk0MTQxMTI3MTkxMTM5NjMyMDcxOA%3D%3D&google_push=AaAOQGGVB_Wrh3CgFq-UaCMX0pQRyI3C88BuzmenRB5Tqgg1REcve8cxpF7jQMSZctIOJgoVaJPlNq0S-8ZrPvFPKUrSqZ-XX0s
date: Fri, 30 Jun 2023 15:51:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 60E5 0
12 B 23ms
22ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IXaJLp9TmN6HHkVufg0xF2nP7HSUtcCiL6RDMmr2E0vN3cBl5sOYHSEgJHJYZLoAxKcoLk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:51:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 css
fonts.googleapis.com/ Frame D930 5 KB
1 KB 60ms
23ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=41322400097839900951393012371011&a=9a2d3341

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 15:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 14:54:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jun 2023 15:51:59 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D930 14 KB
14 KB 157ms
134ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/23333/creativesup/1200x627_Matthias.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=41322400097839900951393012371011&a=9a2d3341
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3eae680f1fa731a35286696dee64f6b1ecdaad23c40982ace994bcedf4fe0deb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:51:59 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13935
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D930 11 KB
11 KB 39ms
14ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=41322400097839900951393012371011&a=9a2d3341
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3f70cd4e86bd596131a3d7eeac75dc4aff40cf1358e86b74bfc04bd27525a144

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:51:59 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 11559
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D930 12 KB
12 KB 39ms
14ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=41322400097839900951393012371011&a=9a2d3341
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ba8798da847553e582e5cf3c136a3e98ea3fccbe06259779eccd75953a568afa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:51:59 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12071
Vary: Accept-Encoding
Content-Type: image/png

POST
H2 200 all
csm.eu.criteo.net/ Frame 3CDA 0
127 B 16ms
16ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 30 Jun 2023 15:51:59 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 68EB 0
0 52ms
51ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306270101&jk=1973212705999604&bg=!UlGlUQXNAAb90kgr3dI7ADkAdvg8WihDY7l_RTzLosB0qhfmPUGcxjPQNkmdN5Rbdf1bQbtkGweh4mT62VJeScWngDrCwR8NVckCAAAAz1IAAAABaAEHmQLrKD8PBEjvKFx2Klb9lT44_sWbj81KHgJ6cs8mheb42fS96e-sdaD0h_viSwz2cInhBQeONkU_54ComtXwcPoVykgeMxn2nJl_qOZHtVYJUAnWDijHoPptMmsmnq4T7tx5k934TM35MZX-I-Et1vCU8XS0al7FCxHhXlr_HSEUgbEVcaF7je4MTfVnHTr5Npfpar54-In5qrcgfyRGhFUAQSi9__L7e6SfHEvpObR5pyeSkfnt5QAOlHfuAEJKrikBnMXbbN1tS8k1WOM9W2a6seocCklfbdQdcYhqerqScxHRp3UIipomn5zeZS314thNiW0CCMfy2LqixonYGUZWIVAjVj-g00qskWQAGx8hgyJy0gHYtaj8wjQNaO2MuVlih0-b5WBXznxaDYOpXOu5BVuQqZ6xMx2zvG9d0-qR1-gVgTIzpm-KBNOE0lK_E120q42pjpK1o6y62XA43ouMmfQs4V-NhHWp3kkriRJTo3zrFPSW1OqUyii0XHRWyW-Y76vJqtNiGpZJkg4nKhSGU6OnOrNMa11jUW6LxJPcQCxO_X5OM-2omfLFp-bifpghqAgLXiXpe8_8X-uEgkoVlNpbVqapIutzDAsPOxWR2oj1PfnVW7V_ijnjfgs7TS2MV4IgUfEdnKCkDuQ6hXr5gPAuJ-5xu1EP7p4wLZMqD81g-nYWkdSQriqKMnlO79tw2AUKJGtacIM6ykS0qVIN4740IHHbAFVW-vr2WkTtT7HP9Mr8KUCXr-XLsmYsSvKqTXS-6dVsVuL9nDosNZ4CGFhEAH-cowqzaDHh1S6yX-0mmM-NHK_HwE_HXzjrVM7HsbE54yCGav2KyAuW18BT4zGBNZykInHwUqablOO8s5Dvzcdab4-1dqH8YsPU8HYm6dJH2eQ8ySHFypVg-yqGNHW4f5spNRi9i8EGZfmQm1FqT9bGyuzvZzlBbkxyNC3WY8ZHLz4GnJBdFoMfaC8t_1BhDCU8GyULpv6N
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1D60 0
0 51ms
51ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306270101&jk=2654449968433262&bg=!lJell8PNAAb90kgr3dI7ADkAdvg8Wg3_zg8x8hPiOIf7v-MT9ywDjFKAvC3oMbeCwzNvpND6htdCQFmZOsc6WlZRLTK3jdaGO8QCAAAA81IAAAACaAEHmQLyoFuLBx5zI67Lv9PKoWkhADAoRy3pg-cZpOkhq-s7STYh0ZCiJ9BHY5E--0qAROI10V5zinLqA8fUjzliJrtiJSxoLTojuxWEV8kksNGPPYntKs-H6jqnCrZClLGoxchHiUeacaV2eKLjU4wGMh5GwYIDOD41Cy_OgaTLiEsvqdF2UdpyAg3joUL_IPIYvfOQ4VlUxl7CT3n-ElIppUHQGLM3OvOJstnHheieGTIFQjvEOAOOVmghR8op2noBL9gFHKJt9HwLotHkqdCHH6O0gVd7drnFipoS-vPRx87V0VasDQvAqeRfPkDtEgOtwncV0dHap4L_46nxEC0gra9ZQ7xfJrK5GXtM6dm-TH93VEHXJ-Fmj1ZP4pOJMCHSxAfssnL9-I4wE4gKkCmTCEarS8EVNIBXQBCP9wDl99_5m6IrKnm9RS25jHcJOtqijyhKpBdn-BdVhU0QbDT2bq-VnDCBp6aKHNRGEZC-xWziSjcSzcgCsoyWXfZ4FvWD4nAqfLGI2srBDGsQe39J4enwtA67R57p6E3Za7iyaLZfzIuZp2dj2SbsTiraDlfXp1D3BiFJyI7Sp3DB2CagojjEOrBm9HSQhu03jyp7qkmoRVivc8heYQlKQuCI1s5EG7MIRmSmcxbcEUv53kDBrP34N2purDIavoy5JoLq-qLEL6RWq6i5UpLdcK7dNzcp2nCj2V8HUFP0CtRVpCNSa92wbI5ssnIcWQyl30eLXK_MZNal4-wqw9GU_KlJQCJ89Z_yWJ6ULNw8611ktlllzPz0xlRYQI9DAWGBGO4kwaaExFGslGmOcAUnCWKxpg-9-wt65nIFBXwtagRb0GU3gNbvobme7qev7ebzZcwanWWCz32MljLgWXalfGnNItubkmTIgn9bvGwSRoWhvrMMuIiK23Pe-eYV47qq9Q1e59_yg6sv-wRGz9QZu8a9HtuAAIL-9OIBFEFXB2tORSLIeOWgGbuhS8y7RO9r8RDQfBRS5D5lIA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200
OK viewability Show response
hal900011.redintelligence.net/ Frame D930 0
150 B 35ms
12ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/viewability?s=41322400097839900951393012371011&a=f6a15480&vb=m
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=41322400097839900951393012371011&a=9a2d3341
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/request_content.php?s=41322400097839900951393012371011&a=9a2d3341
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:51:59 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/ Frame 47F8 0
145 B 34ms
31ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/postback?oz_pl=1&c1=4562306&r1=2a00%3Ac98%3A2050%3A%3A&r3=&ti=7593560589312151619&pp=pub-5884294479391638&dm=300x250&cr=6622326&r2=&ci=619621&di=https%3A%2F%2Fwww.xgcartoon.com&ui=6e5249b3-0d17-b7be-0000-000000000000&sr=4&de=43000&dt=6196211556140246740000&ap=&si=464927259&ai=216536&pd=avt&pv=56059914-39ee-48c1-a5e5-9cb9ec177524&ac=651871&psv=2.96.2&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.xgcartoon.com&ui=6e5249b3-0d17-b7be-0000-000000000000&ap=&ti=7593560589312151619&pv=56059914-39ee-48c1-a5e5-9cb9ec177524&pp=pub-5884294479391638&sr=4&de=43000&si=464927259&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a00:c98:2050::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 30 Jun 2023 15:51:59 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 47F8 85 KB
31 KB 52ms
11ms Script
text/javascript 18.66.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=41322400097839900951393012371011&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 12:41:10 GMT
content-encoding: gzip
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 11451
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: vnuQ711cGjNNfRRE4zSabHr4mrTRk7r53GjbZN_wP6nZSB8rZh6kVQ==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame 47F8 3 KB
3 KB 38ms
10ms Image
image/png 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1688140619&Signature=XCsn6G4B~UuOdAm34kl9LkYyvcFcC6Zo~C9sK6o~l9oW3e4-6JpQyWXDf3rTdAjaJL-SKl1aALa5DTwd2tmv2ZXd7ziUwME8qizFOzOTeOX1XpExbA5AbSqn9FxC-pB13X-UyR1VBtjsEeBv1vyBUBZhMzJ4dR6~HyUVDmRTDePgfdSTWxOalfq5WrX5FcJLGpU6WJKAF9Th1WqJ-QfI9gjbMu4ZqUvv5zp9zyvUkJxONOQHR1CCzWx2T2vZB1HxWQeyzWFO2zNN07-rOEvQkgavTiDSpbAHcabvYE6W432mUSCD0B-8e-RCbjoLAZYdxSzz99qSfvXX-bBWXSQdXw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=354510378&adf=816031632&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688140318784&bpp=10&bdt=181&idt=192&shv=r20230627&mjsv=m202306220101&ptt=5&saldr=sa&is_amp=1&correlator=2475&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1574007881&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31075623%2C31075643%2C42531706%2C44788441&oid=2&pvsid=402142884144516&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mluxl5tghi2l&fsb=1&dtd=204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 30 Jun 2023 04:53:49 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 39491
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: QHAVwPh4HKusLP7rbME8aqWo3ZTtPrQ5E8Ha98i01ynPP2L7QRftYw==

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/ Frame 47F8 0
145 B 62ms
37ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/postback?c1=4562306&r1=2a00%3Ac98%3A2050%3A%3A&r3=&ti=7593560589312151619&pp=pub-5884294479391638&dm=300x250&cr=6622326&r2=&ci=619621&di=https%3A%2F%2Fwww.xgcartoon.com&ui=6e5249b3-0d17-b7be-0000-000000000000&sr=4&de=43000&dt=6196211556140246740000&ap=&si=464927259&ai=216536&pd=avt&pv=56059914-39ee-48c1-a5e5-9cb9ec177524&ac=651871&sid=AhfsiFcKEeWiRXFF&oz_sc=15bfdf1ebd9b647146baf4ac&oz_df=1688140319966&oz_l=1034&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 30 Jun 2023 15:51:59 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 747E 0
0 50ms
50ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGwL2bWnco42uOlYQ6_qfFyUVDBoxnpUIAMi8UR-IQMzhMAmZ6Tz77-RFEwJXKUNcmFyk3ZHqQineOdRNiI6Kx12Xk1kQw_BtA7cwd7GMvbNhTSc-snXnNK875ZRu1v578jDOCMRh0WR8AhrQbdaDmTwOXpVnCGDV67Hl14wfrJJTtk3SGdtFd8QQfwdpKuq0jULAuanAsFzPBFvdGfEnJ_VE2M2ZLKpCRvVVTLOWPThtb4N0ghc2bCxwJEGgOg6QpM4HYDq31msVzno_T2Z8-W0Z_EmIZnf_KKDPVXjFFctOl37LhJ1sq4D0ZJkeURsBKJ4ugTlu8h8WaTRI6FNhMiN6_skK-p32rQagmStptGQ&sai=AMfl-YRZgZJImP563YScwxNpIU8SgsWEypP9_aPp1IPCVmtKCnXatPK3jcjMx4zNyv8zghMCK4NcBtZdkjASDq0&sig=Cg0ArKJSzNzOMGzh_fEBEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:52:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 15:52:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 747E 15 KB
11 KB 68ms
68ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230627&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

253ded2f23de07a4489d6c9c957c9618918f40a87119990113cb4b2197777936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:52:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11318
x-xss-protection: 0

GET
BLOB 200
OK 19e0375a-c287-48e2-b0ce-3f6858912c7a
https://googleads.g.doubleclick.net/ Frame BB8A 186 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/19e0375a-c287-48e2-b0ce-3f6858912c7a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 186
Content-Type: application/javascript

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 747E 17 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:52:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 15:52:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AE0F 13 KB
5 KB 13ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3706
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 14:50:14 GMT
expires: Sat, 29 Jun 2024 14:50:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E349 783 B
534 B 26ms
26ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ceb3913bde60b666c9b29641e8b8da5f0b430c32d3be984a0b5053d9e46332d6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UcvhdvTEq-OAG8XNptW1Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-UcvhdvTEq-OAG8XNptW1Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:52:00 GMT
expires: Fri, 30 Jun 2023 15:52:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/ Frame 47F8 0
145 B 32ms
32ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/postback?c1=4562306&r1=2a00%3Ac98%3A2050%3A%3A&r3=&ti=7593560589312151619&pp=pub-5884294479391638&dm=300x250&cr=6622326&r2=&ci=619621&di=https%3A%2F%2Fwww.xgcartoon.com&ui=6e5249b3-0d17-b7be-0000-000000000000&sr=4&de=43000&dt=6196211556140246740000&ap=&si=464927259&ai=216536&pd=avt&pv=56059914-39ee-48c1-a5e5-9cb9ec177524&ac=651871&sid=AhfsiFcKEeWiRXFF&oz_sc=15bfdf1ebd9b647146baf4ac&oz_df=1688140320144&oz_l=5641&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 30 Jun 2023 15:51:59 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C998 0
0 51ms
51ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306270101&jk=1260289334728956&bg=!enmleS3NAAb90kgr3dI7ADkAdvg8WnmhaMJIgz24Pzw1uOG-BQFs7Xd5guZnKTd9Mls0xxrITP2AzA-KvSOCIMNfAKwJkMQhSh4CAAAAUlIAAAACaAEHCgCYpuIWIq0bU5pvd5h5hqsgA0_1Z8rBr7ENrTS0oIwFnZH1Otp21Cktk4t37ZWj_sLIEPjalHLcyjp0Yc3ItLRSzmNMuJ3jMKYqdPNc53-IKlpORdCiPJg9uXrOkpNuk0NGPEjZvr75iUyfoBFYBaomCPL8XIVYpDA4zoWIXJIdcPT28-pBQ8m1-3PWDCiEZBykovG76a-GgzWZAudZE8lme3IE2cpMzXU6pxrXcTcVZoozTkjzBffxo37KtZcgs6SXZcN7UtyzXM-tN9KrQhFmaGH0MhKERMolDWHsLh6cUukN8aev0oAt6Bbl9v1IE8hUpIlPo11EF5aENNITvFResAhn2eBSm3mLbgt2i_2mOYg7ushMHYIFJVDFIGr_ixf-8OybHd4WaX2dkwVuh6EPUYMUlofVEcEgZjaQTikLceM4g7ohR98O9TVeir34zL3PiU1CQpGn6YRTOUNVv8KwRrdUq2EAhIWKjzfuOB2xU5QVUn5s7L5Pvqys58zwEjoizIRcdueyXZ2AKO-Dk5g0U1kOWTTRXbrgMyaSMpZ40_okh2ZV_rAtrRucAO7mKvtPb6ytiH5UTm28__-mS5F2GvZP3UPACYCb0ZPTqYeNpZ5xxbe9JI2rZAX6bnqYHX3kOM_G-ViHu6rx5VvoAA9AI37HsTYALEvOh4HF-JBgL7x-KToLjRvZ8VuFXWNc3KI3XtgOyR_Y76y8sEQfD6xYCsN5h9XM-niFVMdn8aek-I7Fe1gHB95nsz3W-IfoSGPuffQO_n3FVFrxDr7qGw6F2vfDyRK4Ph0QuJqG9pKZU3XysPDKJYFJY468odx4vq6Adr1-dw8SwH2LQmOAk1qB-xXaP2lT3jI90KvmgLu4Q4UzzZulPF4yZS980g76EDoJlpQH4BIROdGRhBQ35dp9ja2U4J73hejB-JhkWV1nQYbAuFCmrZ3QDcdwwailqkj6b-YjCXWaZl_40nDBjs8YInwbBgt6PwTpSFSEk5aRv6e_Cjac-WCWhlKNQlgUb_Gr-ey7OrM1duyBg1c0VPsmsXIr-NQnvs93pL-cV9ZlMAyznR3fmsBCtGwlI_HyC-SGbP64yfjiJCoyHiT5jswXXEe68SmM-Ypbf6ZDlRyaRxlcFmDR00y9p3ce4-CsNdDPpr62nxTD9jKF16Vk9-fEyzGgWhD45k742by1ObKJFVrntQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame AE0F 37 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 14:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 14:55:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E349 0
0 47ms
47ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230627&jk=402142884144516&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AE0F 0
10 B 18ms
18ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RgH07A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:52:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/ Frame 47F8 0
145 B 32ms
32ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/postback?c1=4562306&r1=2a00%3Ac98%3A2050%3A%3A&r3=&ti=7593560589312151619&pp=pub-5884294479391638&dm=300x250&cr=6622326&r2=&ci=619621&di=https%3A%2F%2Fwww.xgcartoon.com&ui=6e5249b3-0d17-b7be-0000-000000000000&sr=4&de=43000&dt=6196211556140246740000&ap=&si=464927259&ai=216536&pd=avt&pv=56059914-39ee-48c1-a5e5-9cb9ec177524&ac=651871&sid=AhfsiFcKEeWiRXFF&oz_sc=15bfdf1ebd9b647146baf4ac&oz_df=1688140320325&oz_l=6818&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 30 Jun 2023 15:51:59 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/ Frame 47F8 0
145 B 32ms
31ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/postback?c1=4562306&r1=2a00%3Ac98%3A2050%3A%3A&r3=&ti=7593560589312151619&pp=pub-5884294479391638&dm=300x250&cr=6622326&r2=&ci=619621&di=https%3A%2F%2Fwww.xgcartoon.com&ui=6e5249b3-0d17-b7be-0000-000000000000&sr=4&de=43000&dt=6196211556140246740000&ap=&si=464927259&ai=216536&pd=avt&pv=56059914-39ee-48c1-a5e5-9cb9ec177524&ac=651871&sid=AhfsiFcKEeWiRXFF&oz_sc=15bfdf1ebd9b647146baf4ac&oz_df=1688140320503&oz_l=560&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 30 Jun 2023 15:51:59 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK f54f9544-f6a9-41d8-8e75-8fc77e499cb7
https://googleads.g.doubleclick.net/ Frame 47F8 817 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/f54f9544-f6a9-41d8-8e75-8fc77e499cb7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a2866ac28218e8c65f85c9b58f5d84b8d13f16cb957c4d71fa455452e3ac84c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 817
Content-Type

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 47F8 16 B
209 B 69ms
68ms Fetch
application/json 18.168.234.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.234.149 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-168-234-149.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Jun 2023 15:52:01 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 382ms
22ms Preflight 18.168.234.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.234.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-234-149.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 30 Jun 2023 15:52:01 GMT
server: nginx

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/ Frame 47F8 0
145 B 35ms
35ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/postback?c1=4562306&r1=2a00%3Ac98%3A2050%3A%3A&r3=&ti=7593560589312151619&pp=pub-5884294479391638&dm=300x250&cr=6622326&r2=&ci=619621&di=https%3A%2F%2Fwww.xgcartoon.com&ui=6e5249b3-0d17-b7be-0000-000000000000&sr=4&de=43000&dt=6196211556140246740000&ap=&si=464927259&ai=216536&pd=avt&pv=56059914-39ee-48c1-a5e5-9cb9ec177524&ac=651871&sid=AhfsiFcKEeWiRXFF&oz_sc=15bfdf1ebd9b647146baf4ac&oz_df=1688140320697&oz_l=658&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 30 Jun 2023 15:52:00 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 747E 0
0 53ms
52ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230627&jk=402142884144516&bg=!rK-lr_vNAAb90kgr3dI7ADkAdvg8Wl4ElxPQhptoMa4SEeeIpJXhCocztjE0JRGLvhL8ZxrcgnlI3H72uSyG9wdXwoUjSw2rXw4CAAAAQlIAAAADaAEHmQLu6A_7QXLAFJk8AVtZ-vyRludhD3ndj3F14L3bwNivkXMaT7w06BF0onnVutcm8cs8rGfS6R_xk3Wkk5afN-DuLSEQ00pkmCJkKZaH4Rp6UiiYEP5th_qKzyf26FwgaxZcs-aKojcXDcouqrDTedZQ48ROq6fJhct3ks_EX1w8LHd7XZ9smM4Mfw-vGXMQRxRAT8K2rNyrzYGOjgZjcTqtdIhQST_6kskY3n6t0iUftoN-uHGtXLh035r7jKmbIio6B47eivG9ihHprixmhm6XUuzFT3ymGpR3IybNoYCP3gVRfpVFQQXFF1ujZUr_ZE_8KE7rnkYknv4RFz78wUKVbrXS9FsH4N5HjOdoOYhQF9aE-nFYXvONoB48wqHV-Agpgux5RhNm2x7Z9Z0bKIjB5wYOAci03vkt-H_DqKbIorw64YWjCMBrv76VJSa4fP09WP2Ndhnjl26kY1NFu4YoxQ-m3F7C63vR7Siiq09iu7cATWwV7NX7VXZ3_2_cJ2AQHtnFQwvw7UYZtGYWxWEnji3Ap-qmp6yxypE6PMNNWLViUxBPJrppKHdhvsxyuPJPC3zXv9z6brGfvoPXiQ8dYNZcIIvaMP0IlDHjcZ3ZrlaUWMmmT_AUOH4uKJ2LDqABr4TqHaLG71F7ResQMQupZjzWZ7aqfIZlQ8gkbmAKeazDV0K4ObWcy7dvehUyGsbKiJX8-K0fBz-sBzEHuL9imo2vPapdy28UVm7PgmntyT4G9SUPONkpFZr5jDlh4jn91xDAyl7apbiJdWqBa00I6xv7-8AJfea35v7oGFgCpbgSqCw1YEeRy3FJO9c1oewsW4cYCHc2lDOKGWjHEU4RnRK_5sxRP1MAbCha051eU61QICf0iyb0u7GMkJWIbY0E6N1YE0NMHxTR9QgtizM60CObWcadIgGBKn1PzpkdjUTqvfAmngiEjtr7C7TIghUdgjSc25nomlqZnI9Hx-tbDFIAYxJwdLH_84A_qiwf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/ Frame 47F8 0
145 B 32ms
32ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/postback?c1=4562306&r1=2a00%3Ac98%3A2050%3A%3A&r3=&ti=7593560589312151619&pp=pub-5884294479391638&dm=300x250&cr=6622326&r2=&ci=619621&di=https%3A%2F%2Fwww.xgcartoon.com&ui=6e5249b3-0d17-b7be-0000-000000000000&sr=4&de=43000&dt=6196211556140246740000&ap=&si=464927259&ai=216536&pd=avt&pv=56059914-39ee-48c1-a5e5-9cb9ec177524&ac=651871&sid=AhfsiFcKEeWiRXFF&oz_sc=15bfdf1ebd9b647146baf4ac&oz_df=1688140320924&oz_l=3152&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 30 Jun 2023 15:52:00 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/ Frame 47F8 0
145 B 32ms
31ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/postback?c1=4562306&r1=2a00%3Ac98%3A2050%3A%3A&r3=&ti=7593560589312151619&pp=pub-5884294479391638&dm=300x250&cr=6622326&r2=&ci=619621&di=https%3A%2F%2Fwww.xgcartoon.com&ui=6e5249b3-0d17-b7be-0000-000000000000&sr=4&de=43000&dt=6196211556140246740000&ap=&si=464927259&ai=216536&pd=avt&pv=56059914-39ee-48c1-a5e5-9cb9ec177524&ac=651871&sid=AhfsiFcKEeWiRXFF&oz_sc=15bfdf1ebd9b647146baf4ac&oz_df=1688140321080&oz_l=1237&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 30 Jun 2023 15:52:00 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/ Frame 47F8 0
145 B 32ms
32ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.2/619621/AhfsiFcKEeWiRXFF/postback?c1=4562306&r1=2a00%3Ac98%3A2050%3A%3A&r3=&ti=7593560589312151619&pp=pub-5884294479391638&dm=300x250&cr=6622326&r2=&ci=619621&di=https%3A%2F%2Fwww.xgcartoon.com&ui=6e5249b3-0d17-b7be-0000-000000000000&sr=4&de=43000&dt=6196211556140246740000&ap=&si=464927259&ai=216536&pd=avt&pv=56059914-39ee-48c1-a5e5-9cb9ec177524&ac=651871&sid=AhfsiFcKEeWiRXFF&oz_sc=15bfdf1ebd9b647146baf4ac&oz_df=1688140323523&oz_l=46&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 30 Jun 2023 15:52:03 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: onetag-sys.com
URL: https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECRw_aJNf4Z0OmvuFDMilKg&google_cver=1&google_push=AaAOQGHMb1YjUfQrwRFIjj723XOZQgNKtAx5C7Kc_LgsdHgwqu5K6Kw6-zLivXB3md2fthEqv3ToFVkbdozzGu2n6EGh9WvjzJBR1A

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xgcartoon.com/	1970-01-20 21:41:16	Name: _ga Value: amp-n86Is_kZ0zJTsbPQUeHtuw
.doubleclick.net/	1970-01-20 22:17:16	Name: IDE Value: AHWqTUm8ffgd5zK-zbo0wQ26u8sYK6kKIihvuPtVMdGNPazdcDmmnX0NKRZ47Y1_2pQ
.doubleclick.net/	1970-01-20 12:55:41	Name: test_cookie Value: CheckForPermission
.w55c.net/	1970-01-20 22:25:54	Name: wfivefivec Value: BMoq0ttl1QfgpF5
.mathtag.com/	1970-01-20 21:41:16	Name: uuid Value: 5a4e649e-fa1f-4b01-ac57-be78a9431de3
.3lift.com/	1970-01-20 15:05:16	Name: tluid Value: 1941411271911396320718
.mathtag.com/	1970-01-20 13:38:52	Name: mt_mop Value: 4:1688140320
.bidswitch.net/	1970-01-20 21:41:16	Name: tuuid Value: 501c070f-4ec7-4800-92c6-d23e8a9c9459
.bidswitch.net/	1970-01-20 21:41:16	Name: c Value: 1688140319
.bidswitch.net/	1970-01-20 21:41:16	Name: tuuid_lu Value: 1688140319
.hspvst.com/	1969-12-31 23:59:59	Name: VI2677 Value: %7B%22time%22%3A1688140318%2C%22utid%22%3A%2264a317a1bb94d0a5496b141200c927c5%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.hspvst.com/	1969-12-31 23:59:59	Name: VIP2677 Value: 1
.360yield.com/	1970-01-20 15:05:16	Name: tuuid Value: 985e1e17-5a8b-43b2-8bd1-b8a99c402a4d
.360yield.com/	1970-01-20 15:05:16	Name: tuuid_lu Value: 1688140319
.everesttech.net/	1970-01-20 21:41:16	Name: everest_g_v2 Value: g_surferid~ZJ76HwAVnrvyYgBS
.ctnsnet.com/	1970-01-20 21:41:16	Name: gid_CAESENl3kINV0NV7TUDf2CO6_l4 Value: 1
.ctnsnet.com/	1970-01-20 21:41:16	Name: cid_019656e34f7240c9a5435616f70f0bf2 Value: 1
.quantserve.com/	1970-01-20 15:05:16	Name: d Value: EBwBCQGtKYEA
.quantserve.com/	1970-01-20 22:25:54	Name: mc Value: 649efa1f-8a1b3-5dce1-224a6
.lijit.com/	1970-01-20 21:41:16	Name: ljt_reader Value: G5y3pGZHFHnuOE_-RU2c2nKN
.de17a.com/	1970-01-20 21:34:04	Name: guid Value: 1.5062200194725762755
.turn.com/	1970-01-20 17:14:52	Name: uid Value: 2989196643917063055
.rfihub.com/	1970-01-20 22:17:16	Name: eud Value: H4sIAAAAAAAA_1vFwmtoZmFhaGJgbGhpZmAOAJfIBeIQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrU0MDE1NTA1MxPiM9S1SAxxzEupcsoLSjIDALQhI-YlAAAA
.rfihub.com/	1970-01-20 22:17:16	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrU0MDE1NTA1MxPiM9S1SAxxzEupcsoLSjIDALQhI-YlAAAA
.tradedoubler.com/	1970-01-20 21:41:16	Name: PI Value: 1z11z1z11oz1rHGZNz7ab3y1y21FmOy1FRDyyy7WPTyvUky2LIbPkyyF21uv4Tus%7avJRvEMawr%7aXLjlkFUCf3Z2HsKDe_MPQudsPkpwfC%78QHsA%7ay
.tradedoubler.com/	1970-01-20 21:41:16	Name: UI Value: 1z11zz11ozKHafwztbDyP9qp
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
.awin1.com/	1970-01-20 12:58:33	Name: awpv20044 Value: 412871\|1688140319\|0c67d4c1-175e-11ee-87f6-2265f034cf4c
.office-partner.de/	1970-01-20 22:31:40	Name: source Value: {"webgains_webgains":{"timestamp":1688140319812,"clickCookie":false}}
.simpli.fi/	1970-01-20 21:42:42	Name: suid Value: 891AC26B68B24EEC89E85213AD65CD96
.yahoo.com/	1970-01-20 21:41:37	Name: A3 Value: d=AQABBB_6nmQCEO1PvzriyW0Q1LkWrB2OkFoFEgEBAQFLoGSoZAAAAAAA_eMAAA&S=AQAAArDWXa6vHLn-2fg0i-tcAJk
.blau.de/	1970-01-20 13:05:45	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY4ODE0MDMxOXZsZWExZGUyMDIzMDYzMDE3NTE1OTg2MzgyNzM5NDY1WDExMzc1MlYxMjI1MTMxMTA2TVN2aWV3b25laWRSNVhmZ2Y2UUZYMjdUa0h3SDN0UXRkZEFGd1R6VDdnczdvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNDNfVG9wUm90YU1vbnRoMTEzNzUy
.blau.de/	1970-01-20 13:05:45	Name: nscQ486 Value: V
.blau.de/	1970-01-20 13:05:45	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2023063017515986382739465X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY4ODE0MDMxOXZsZWExZGUyMDIzMDYzMDE3NTE1OTg2MzgyNzM5NDY1WDExMzc1MlYxMjI1MTMxMTA2T
.o2online.de/	1970-01-20 13:05:45	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 13:05:45	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY4ODE0MDMxOXZsZWExZGUyMDIzMDYzMDE3NTE1OTg2MzgyNzM5NDYzWDExNzcwM1YxMjI2MTMyNzAyTVN2aWV3b25laWRScHd0Z2ZRZkc5ajRVa0h3SDN0UXRkZERhOVN6VFlZNFNCMzlrb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDEyMV9CRVNUUEVSRk9STUVSMTE3NzAz
.o2online.de/	1970-01-20 13:05:45	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023063017515986382739463X117703V1226132702MSviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117703&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY4ODE0MDMxOXZsZWExZGUyMDIzMDYzMDE3NTE1OTg2MzgyNzM5NDYzWDExNzcwM1YxMjI2MTMyNzAyT
.tribalfusion.com/	1970-01-20 15:05:16	Name: ANON_ID Value: amntmIy4ZawFBA9MAJPnhqZaAGMRfMNFJ0HhCW9oBFgZbiZbrZctFuM8WrDq1aAJRD5hGpoOHpFTdjr1ysi41Fg5aLm0i

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://972cac153261466e715372c64373158c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1hkrnn6e0etd8pdf34retfawjv9xm9ecmav5vg94zsw1tqykt4kkbn9njyct8srdb01m1tpa8ewh9qa5sr0qnk1b47e6jtardk51w3ezcva1h0e3h2zgj39b9jvf7w75wm778ws053236ztpz9htdatvyj42qe8jhdcsccwq0zrza7zkc6vdyqqbt41p0kt3b7nrtwg563mmm8agfsc1tnnyeexh451q2vph8m2g9qgs017b6fny43npndxxt56n09vbqwgntyez13etfy5c8x4gk00yygy7xdzxt25qa4t878phaa17cdzspvkqeaw4nvn7fmwhfjtnfm5f0920znc7t9tmsv9pztvprnzcsyrqr44rg0f8pyjfv13cxganj7c52crnrz4qxmkd9r0g07h0z2ty2fvpyyywcdrg0yhpygw5z7v0fx48pyydgvcmdcwr88j1gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%26client%3Dca-pub-5884294479391638%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1jrdp73bm3mns93cqw4s4rfpbp6pd6xn0q898x0y7098js8d1zpxmw581asbgf53t26eqxpk3eskp350szyfmv0b0bsm7jpb4f4xsq0nya19zghfh71qr0kbbwcrtqmq6qbg0e6ce8y04gy8g5bxypxbacvrvrrff35y8r79js5avtfms2vtd3n3ms7ytmj9bh5xtdkstazt2zpjxwebg341xnvwwyxaskx7cm82161h67wtgps11gay8y45k0we0fvfk6tsz56kzpsyx2pj37bnckc3d1msfhgzdktdzxavvg66661eqkdnztb66j748t6hkcpe0gbm073s241vxmrwqx36nw7wb2fynjkdv20jmqwkrg1k0f1t9j6z8dhvny42md3a5v2cyk07a08erhq6hvsbppvhwbzxj9y1ywrwp86441mbp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%26client%3Dca-pub-5884294479391638%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
network	error	URL: https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECRw_aJNf4Z0OmvuFDMilKg&google_cver=1&google_push=AaAOQGHMb1YjUfQrwRFIjj723XOZQgNKtAx5C7Kc_LgsdHgwqu5K6Kw6-zLivXB3md2fthEqv3ToFVkbdozzGu2n6EGh9WvjzJBR1A Message: Failed to load resource: net::ERR_CONNECTION_RESET
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=600&e=&g=32a6afe3f4b1bd545d636813b36dc454%2F13036054467318027047&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1688140319590&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k4tvmdn6hb18gdjv7e8hbbacgpa90j0s30sbj8x8va2k50j24v1bn6n9q5257zht4bnbbm2cabtb0mqq7e0nqzecd7e74d9sat9qg7pbcjy6csw9xwpk0bq28cc5fq6784zcq8r7jefe6p68gvrtmgr8nc2g50hgz0am0hvgb0tzgf1t3z760s54s8cpj8g85wp6ggmr6r6354ptmjpcbv6g8wz8mcf676qjm5t5em12ha6pfzk32m55m57xtfcvsfvzk83zhg699yzpfrkh1b6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCDtsZHvqeZJmkOOmk9u8PvP-CuAyQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIY5pM2EDKyPuACAKgDAcgDAqoExQJP0C4LSNk-shAQR6GJGHIpO4TKa80Sfz1Uw9n26Q2Y4lTGPVrFcOrWaBkZkWE-d-lUuRYzF6bL0A9fZiUk-GDRy9l1w4_sthkbrILVihHW7H-HESbiBXMVrMTRD6hFYdcBt4NO7JJrkOED6l-ILHcRa6DvBvq9q6Yc9Gny6-2UeZEr2-NLd83kiGGd_kLAh6QkAVcHmRVc2EwZMsZ_tV5ZC89IuAHglBN4hnx0hj0ezQHY2Sg5hmPRcfIUqv9yX4c35I-oZAVq7VXNo5lYg9tqL7AD1qLKr4Lpq0Fqj0KuAOqsi8ZjPBkAeBhjP9lTaSXS9CvbdWpsixjDUZfFk2WI__EfS9PDZBZlOcFaE3UIgYxQhg9KhfWHC6dEo2gKLreYKkJujOoy7qJFI-GnAbIt2rpGAzEuqQZDwUB5cP7XSA8bTFSE4AQBgAa0xrSIoKnzoPkBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3qhruEeuZQlmeDIr7QoZIwqNsGqQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C117569&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=120&d=600&e=&g=cec007dfa414ff6fe22407247645e766%2F4285040248829333530&i=20774%2C20773%2C29981&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1688140319618&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jmnmyma0p1hrrcxtdx0rt6bgs0bpmt7dymyx7rhjtpyfseyk1n7znsjf95d6nszqbjykbv49203zf06150bb61d9rf02t42c98h6xs2649pb2ak1n796gdbnx8w6s6rxr22yyjdcw0ry46zn6wbhhvhx0m74m1t311rjffmedtxxp8dny3aeykp2bptdwzbdms6q1km3ayfsm9dhp0d48g7k9bwyqqxx445vw57ta2fvgcn2555nj0pjehqhf8dhdd0sa8ns2ykswqwmd2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5hNtH_qeZND0BfLZ7_UPntqI6AeQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIKZfeuGDWyPuACAKgDAcgDAqoEwAJP0My_XhJxObWPKF1G0NwYIFHA-byVwVRWrF4AEWs83jfvDqRaK-pltGUJC8XzRnQhHz98zR1T7ESAmTY-eBm3A9QV48390ODBCSVoHN7OmvtwLn2yHjj3MbRIfZlbCvYvmAQ4Rip1DGVqcEVFWTsf6ftFxCt8qlSC-msguQMc4EbjOHlMhubTbE9L93z1vxecSY6FPdGoA4OQ0ViCa6GnLzMcmgWBWovKOrhwIPMzO2D3Aws66yDuMdXhhhmPHrmXTygSOgmXpHpb1yTGT8mL2uB0WhOydnh4EaaZi6Q4XrvJ3gAoy0cd3fJfVWm9ho2feE1nCgUJ7XRLfWP7DROqSRa6L9bF7fmMx-3yGvA9jDqzQhaTGef3GfMVGehk9QH_dgfpDS2XlhWyCCerfjAsFLl9WkyEK8bs-lafo5HceOAEAYAGzoTKq-u7gbpUoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_245T7isSx32gPR9VIwwOwa1bh3lQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
worker	error	URL: blob:https://googleads.g.doubleclick.net/19e0375a-c287-48e2-b0ce-3f6858912c7a Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/19e0375a-c287-48e2-b0ce-3f6858912c7a' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://googleads.g.doubleclick.net/19e0375a-c287-48e2-b0ce-3f6858912c7a Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/19e0375a-c287-48e2-b0ce-3f6858912c7a' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

972cac153261466e715372c64373158c.safeframe.googlesyndication.com
a.tribalfusion.com
a5468360c97b217284e98bb21518dee1.safeframe.googlesyndication.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.eu.criteo.com
ads.w55c.net
adservice.google.com
adv.office-partner.de
amp.analytics-debugger.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
cat.fr3.eu.criteo.com
cdn.ampproject.org
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
cti.w55c.net
d3c473a6c3efcf6414de0082b41df275.safeframe.googlesyndication.com
d5p.de17a.com
dis.criteo.com
eb2.3lift.com
fa02c4c9116c23e4202195bc7476fc84.safeframe.googlesyndication.com
fonts.googleapis.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900011.redintelligence.net
i.w55c.net
imageproxy.eu.criteo.net
img.tradedoubler.com
impfr.tradedoubler.com
match.360yield.com
match.adsrvr.org
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pixel.mathtag.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
rtb.fr3.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s.update.mediamathtag.com
securepubads.g.doubleclick.net
static-a.xgcartoon.com
static-de.ad4mat.net
static.criteo.net
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
t.hspvst.com
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
ups.analytics.yahoo.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
www.xgcartoon.com
x.bidswitch.net
onetag-sys.com
104.102.45.165
13.224.189.110
138.201.220.30
138.201.64.38
142.250.186.134
145.239.193.130
151.101.66.49
154.58.197.185
167.233.13.224
169.150.222.217
172.217.16.130
178.250.7.11
178.250.7.9
18.168.234.149
18.169.71.137
18.203.209.222
18.66.147.120
184.30.20.207
185.29.132.245
185.29.134.249
193.0.160.130
2.16.97.41
2001:678:cb4:bbbb::11
213.155.156.181
216.52.2.91
2600:1901:0:76b9::
2600:9000:2057:6800:1b:5138:8a40:93a1
2600:9000:2251:e800:3:4706:a6c0:93a1
2600:9000:2611:cc00:1b:f040:3600:93a1
2606:4700:10::6816:2e93
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700::6812:18ad
2606:4700:e4::ac40:a01f
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:803::2004
2a00:1450:4001:809::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a02:2638:3::10
2a02:2638:3::3
2a02:2638:d::11
2a02:2638:d::4
2a02:2638:d::c
2a05:d018:d29:3602:cb7c:b9e3:cc95:725e
2a0b:4d07:102::1
3.33.220.150
3.75.62.37
35.156.203.47
35.186.193.173
35.186.231.97
35.204.158.49
35.227.252.103
52.212.22.41
54.93.94.222
69.173.144.138
76.223.111.18
84.200.5.215
99.86.4.36
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
02efaa0a75ba4e31a44f968b5dd3ab5a37217a996e6d300b0a9de67ee37982ee
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
0482bda7cdeec898b23f69957b36f855e0d553060f536a88c17b72fa1d9b7452
05747cc165f35a75b4255321a8689b4b9a61b8ac03a04840fee486545a7ba863
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
088537e62b18679311e115b30c7cbef90090228c0c616ad3eed0a254dc487cc1
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e77e436f290ee26b6c9b80153d0cc86b88211ba39bf392b5af95c865fe493fb
0ffdd3bb57b9c5e6894bf74739c6025b3d98979ff6f3d79fe00e6e8fec48206b
12811a2a980b791aec6a246962f29bbbd58cf09c69bca3ab6c7ed6f6d96c79cf
13510480db4c6ad546880825720e70b85bc49e374aa5df36c0ce89f1ff4085bf
1423e91d213723c449145f5a7f0bafe65564a10f9bc64cd7cf1842fd5790b34e
14b65418b226b9b98ed0a26834746b01393dc9b4e97e554b5478118eff018521
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1a2866ac28218e8c65f85c9b58f5d84b8d13f16cb957c4d71fa455452e3ac84c
1bcff3d783e8cbfa9bc7894327aa463ff77cd83561618a0bc497447609c85edb
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
253ded2f23de07a4489d6c9c957c9618918f40a87119990113cb4b2197777936
261e9e2e8ce0bbc8034e0e3faab774335cdf97227f541eab88ce7fd7bfed3edf
26924c904fb54855018ec88d1814f39da6f832a39a6f023ef34c37ad58102e4e
2738c8a7e1e398476f23b5a30d867e1aac66820a55e6d0e6bdd43a4adc7b254e
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1
279640665adc92d4244ed1cfbf8e8dc558eda38fc5bcf56cb9d8bad0c5c5de91
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34b3beff5a4bba1cab3997b3745355e0b710db414fc828558c14d44b951c704f
34bb1c7ca084facdfd4822c3dd2d0f3f483ad2d071c52d30e54af52ae62deb02
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38ce9bff6b26eedf082d642de5ffa5126d8c4a41f328acf258583c6e2c168358
397e7ba7adb045cd8a8020d328f3f0c8fc70d4455660cb433ed4c28cb99c545e
3a7164362bbe2722e1734674631cdf2b08acf542e8c6bbf2d2938454a1793350
3b41b305ff10cfe0c35ae64cb20eea34f4600d63b195d44a30fa920a2df6e45d
3eae680f1fa731a35286696dee64f6b1ecdaad23c40982ace994bcedf4fe0deb
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f70cd4e86bd596131a3d7eeac75dc4aff40cf1358e86b74bfc04bd27525a144
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
41badc7f67b4ba72b06026132832e30ec818d234345fea7ecc04728d0a266442
451c10fe69bead722a7bc2493ed3291fad1bba2430379cc7ae17391af69616ae
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4725368d82df748cf3d5c994272e394b37321221e7ff112fbd5888df7c5e332a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49770ff663b41cf03fd8dd0c17dedb6a7ed890398690c9b36a71fdf64665c17a
4d1d3c2541088e2868f6d6e6742122d2824a8264e99cfc9f504b9c3211a9dc0e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
511b9fc639173fd7bb110414c8ef2ade015465bcaeec25a9f25f1a73d00d4b66
52795debbe7d648aa1f1af1b3e7c173617fde99a86ea12a69d2a6f414d4a6e2d
52e62c9d207e90a0ed18f425f85558336bfac1ac7b4d54004874b8bbe87efb13
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ecc52e1cbb695afd0f56486faa5a7e11a94fb32aa4690163efdbc2d3a770db
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5980201b999142f4ad04c615d7a64cf9fcd1193e529bda1f7e2f2d3d5e5fff97
5d1540abe66cfe03f7687c09cea607b10baf9365b66fbce0231857be40b72b8e
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a7f4c8a9af17cac4c92d0fad28e07cc781825be9dd19da205c028b2a49e634a
6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73118c2fa9518d27eea54c1cee7a3990565ea2fe1d6f99dc84aef32dbdf83a61
73daafa8d9121fa648efcde2397d4ee08ef76f69813a7a6a32b0506f839903ea
7aa32f5c05a9924d2414c8371ad29234f86c5420c3a5c9077a0c5bf7d98204ce
7d0e0148a7c7c227829016069644d6b707d102fed7c7358113f48290263fd609
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
89020ab05ea43c95ed6b8186aa87209cafe5e5a4e52502b92604c34e88e1a4ed
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8b6100095d2ad074411d2aa0c3d38fb6bcbefd28f2ea89c38f8f696a028bfe46
8c5275956fa1bf68a0418dddb092a5881af6b6be10f6dca54dfacda6ba41992a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
916f7bea552b5464c1b61c30caafb0689a2b1a238d5ac6762f4adbbb76b19a01
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
9a4ad9316204ce252f362c1e9316baab03832a565daa2ac4515fb411cc0c5f69
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b577905b7ac293ad6c4a7af59884a8991626c591785bec49cb78caab17c933d
9c49dcb117c4639410f57d60c680ef72018b6886c84985628ec6665fe2e7815e
9d48de830c3d4c371257d6ea6096f9dba46ead4569f94e2b101aa37e0eae5737
9d86682a329160bf87a55eadb98831b539f5e4f2f05cc9cb6163f30c6af8927f
9d990aded18187b4f3118e6307bf2a53c38cd2d4132359bc886d3fe323eaae05
a0c98090bc59b7f75a441d10e9f2505881fbd43cbf95d7a29162dfcab0eb0d9c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a558dc731872adb52490cf8550eb796d0d0b448df332e38f815228576dd0cd5a
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b040b6739557f595634b6694181ec841b0be012baf54d9704ef63f7edb1b3c79
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8309a4ac613362e890e4e818e5324efd8e2cd4184d29ff180a35ae42f9b67b3
ba8798da847553e582e5cf3c136a3e98ea3fccbe06259779eccd75953a568afa
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
c0f5c4b801cee75a0e8c0cdc0eb7c819f377daa7c1f1ef63a426ff8e92a8b0bc
c18e2315c56d49d5a3c5caffad32c5f250aa098098b8a1513038712a4cb55ba4
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
c8e4764999d4821969bd177fb548f36d2ea217b29902bab37b08fb9277391d68
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc2e30d6ee1537ae5c0ea15220a262be4dc5e4ea425bc8be4289a92565240f89
ceb3913bde60b666c9b29641e8b8da5f0b430c32d3be984a0b5053d9e46332d6
d7c52806df5f3f291f070ae0d7cc076a6e2894bd6193a7f524319966853266fa
d881845c86ba13d00e7803400670c9d4bfaf30eac1f43f6273a7fc49db10f1e4
dad6b1d729275da998ffe9046246aed006e6e1279f708d2f42f39cc5e087c9de
dd378854072db6b917611faefcfc33dfc6d0aaac41a7ff23acfc2e5b739100d9
de025e75b63872ee1c88d57f989e71996396f96d4c2c35688ae59b17d66701ab
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
ded5ad320ec2ed9002a9340bcfe57cb7ad5f730f4d55ccdde5f57e52d06f5e6c
e0be2a7430ebc21673c74cf4a3ff644af842be5fc8dc1f661b711e52d64f65df
e1f1298767e4be7239cf28bb31eaada9d1750fbf45f29b2294fcfd4add302bdd
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c88f00a88cf5cd2687dbe95eb01fcde1f96b01a5769e40061057ba50a8faaa
f1f13ca98c025052b2c204f7aeaa995931642ad995445b3f50d0f6dd0a79f43b
f2375555345dc99cf98577de9d68ba9ae155ec3d2c412745700f7a68baf2ab8f
f27ab20130e464959392f7f4f5766accefb7a5953e5ddc488fcb92077c118454
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f688b8dfc364b75c1f758c634c63dd4b757b621e31c8cf5337712450c18a07c4
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fab0be2687e620d081fd4eefc04be4ffe7e643b17736093205b45f33fae0887c
fac65eae91e538682a3d665f71f914b4c23f75d63e108f39bbfedae2d4c18bc9

www.xgcartoon.com Open in urlscan Pro 169.150.222.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

265 Requests

89 %HTTPS

44 %IPv6

49 Domains

77 Subdomains

51 IPs

10 Countries

3913 kBTransfer

8537 kBSize

39 Cookies

1 Outgoing links

Redirected requests

265 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Screenshot
Live screenshot

Full Image

265
Requests

89 %
HTTPS

44 %
IPv6

49
Domains

77
Subdomains

51
IPs

10
Countries

3913 kB
Transfer

8537 kB
Size

39
Cookies

265 HTTP transactions
13 data transactions