www.weihnachtsgeschichten.net Open in urlscan Pro
2606:4700:3036::6815:5dc9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://weihnachtsgeschichten.net/
Effective URL:
https://www.weihnachtsgeschichten.net/
Submission: On March 19 via api (March 19th 2023, 9:55:26 pm UTC) from US — Scanned from DE

Summary HTTP 208 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 55 IPs in 9 countries across 35 domains to perform 208 HTTP transactions. The main IP is 2606:4700:3036::6815:5dc9, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.weihnachtsgeschichten.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.

This is the only time www.weihnachtsgeschichten.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	2606:4700:303... 2606:4700:3036::6815:5dc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:211... 2600:9000:211e:a00:12:abfb:9280:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::2010	15169 (GOOGLE) (GOOGLE)
4	104.79.89.16 104.79.89.16	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	23.35.229.56 23.35.229.56	16625 (AKAMAI-AS) (AKAMAI-AS)
22	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	87.230.98.74 87.230.98.74	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
5	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
1	136.243.25.83 136.243.25.83	24940 (HETZNER-AS) (HETZNER-AS)
1 2	104.98.137.157 104.98.137.157	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
1	52.56.125.139 52.56.125.139	16509 (AMAZON-02) (AMAZON-02)
1	52.222.214.123 52.222.214.123	16509 (AMAZON-02) (AMAZON-02)
3	13.224.195.78 13.224.195.78	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	54.195.112.141 54.195.112.141	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.112.32 18.66.112.32	16509 (AMAZON-02) (AMAZON-02)
1	18.173.233.45 18.173.233.45	16509 (AMAZON-02) (AMAZON-02)
2	13.224.189.70 13.224.189.70	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.66.147.41 18.66.147.41	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.52 99.86.4.52	16509 (AMAZON-02) (AMAZON-02)
1	13.32.106.197 13.32.106.197	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2490:de00:e:29d5:db00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	54.167.218.243 54.167.218.243	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
19	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 5	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	18.132.34.25 18.132.34.25	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:1800:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
9	37.157.5.141 37.157.5.141	198622 (ADFORM) (ADFORM)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
26	37.157.2.247 37.157.2.247	198622 (ADFORM) (ADFORM)
2 4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
12	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.97.121 18.66.97.121	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.194 172.217.16.194	() ()
208	55

12 2606:4700:3036::6815:5dc9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

weihnachtsgeschichten.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.weihnachtsgeschichten.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:a00:12:abfb:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.unblockia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.79.89.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-16.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 87.230.98.74 (Bergisch Gladbach, Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ma5037422.psmanaged.com

b.delivery.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.25.83 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: api.addefend.com

www.tisoomi-services.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.98.137.157 (Amsterdam, Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-98-137-157.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.56.125.139 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-125-139.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-123.fra56.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.112.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-112-141.eu-west-1.compute.amazonaws.com

ups.xplosion.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-32.fra56.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.233.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-45.dus51.r.cloudfront.net

signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-70.fra2.r.cloudfront.net

signal-segments.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.106.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-106-197.fra60.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:de00:e:29d5:db00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.xplosion.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.167.218.243 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-218-243.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.132.34.25 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-34-25.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:1800:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.5.141 (Denmark)

ASN198622 (ADFORM, DK)

server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)

s1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.180 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-121.fra56.r.cloudfront.net

dfp-gateway.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (None, )

ASN- ()

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 134 ade.googlesyndication.com	394 KB
35	seadform.net server.seadform.net — Cisco Umbrella Rank: 29722 s1.seadform.net — Cisco Umbrella Rank: 131294	288 KB
22	doubleclick.net 4 redirects ad.doubleclick.net — Cisco Umbrella Rank: 168 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 310	249 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 272	400 KB
12	ad4m.at ad4m.at — Cisco Umbrella Rank: 9918 as.ad4m.at — Cisco Umbrella Rank: 26862 assets.ad4m.at — Cisco Umbrella Rank: 35263	701 KB
12	weihnachtsgeschichten.net 1 redirects weihnachtsgeschichten.net www.weihnachtsgeschichten.net	177 KB
9	consentmanager.net b.delivery.consentmanager.net — Cisco Umbrella Rank: 46402 cdn.consentmanager.net — Cisco Umbrella Rank: 17658	116 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9360	2 KB
7	teads.tv a.teads.tv — Cisco Umbrella Rank: 1333 at.teads.tv — Cisco Umbrella Rank: 4544 t.teads.tv — Cisco Umbrella Rank: 2635	136 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 3920 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4740 signal-beacon.s-onetag.com — Cisco Umbrella Rank: 4893 signal-segments.s-onetag.com — Cisco Umbrella Rank: 8115 dfp-gateway.s-onetag.com — Cisco Umbrella Rank: 16987	25 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 384	110 KB
5	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 713 gum.criteo.com — Cisco Umbrella Rank: 386 mug.criteo.com — Cisco Umbrella Rank: 2753	8 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524	4 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 283 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 471	59 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	146 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18328 api.webgains.io — Cisco Umbrella Rank: 46334	31 KB
3	xplosion.de ups.xplosion.de — Cisco Umbrella Rank: 19250 cdn.xplosion.de — Cisco Umbrella Rank: 29579	6 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3749	58 KB
3	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 396 ajax.googleapis.com — Cisco Umbrella Rank: 305	14 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	2 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 896 id5-sync.com — Cisco Umbrella Rank: 408	17 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 660	461 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 629	44 KB
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 15428	1 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 82	64 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2765	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 337	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8720	531 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 43375	3 KB
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 980	9 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 36521	2 KB
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 84741	550 B
1	tisoomi-services.com www.tisoomi-services.com — Cisco Umbrella Rank: 902736	276 B
1	unblockia.com cdn.unblockia.com — Cisco Umbrella Rank: 24647	153 KB
208	35

	Domain	Requested by
26	s1.seadform.net	server.seadform.net s1.seadform.net www.weihnachtsgeschichten.net 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.weihnachtsgeschichten.net 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com s0.2mdn.net
19	pagead2.googlesyndication.com	cdn.unblockia.com securepubads.g.doubleclick.net tpc.googlesyndication.com 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
12	s0.2mdn.net	www.weihnachtsgeschichten.net s0.2mdn.net
11	securepubads.g.doubleclick.net	storage.googleapis.com securepubads.g.doubleclick.net www.weihnachtsgeschichten.net
11	www.weihnachtsgeschichten.net	www.weihnachtsgeschichten.net
9	server.seadform.net	32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com s1.seadform.net
7	mc.yandex.com	3 redirects www.weihnachtsgeschichten.net
6	assets.ad4m.at	as.ad4m.at
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.google.com	1 redirects tpc.googlesyndication.com www.weihnachtsgeschichten.net 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
5	cdn.consentmanager.net	storage.googleapis.com b.delivery.consentmanager.net cdn.consentmanager.net www.weihnachtsgeschichten.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
4	32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	b.delivery.consentmanager.net	storage.googleapis.com www.weihnachtsgeschichten.net
4	ad4m.at	www.weihnachtsgeschichten.net ad4m.at
4	a.teads.tv	www.weihnachtsgeschichten.net a.teads.tv
3	www.googletagservices.com	32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
3	googleads.g.doubleclick.net	www.weihnachtsgeschichten.net 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com pagead2.googlesyndication.com
3	c.amazon-adsystem.com	storage.googleapis.com c.amazon-adsystem.com
3	mc.yandex.ru	2 redirects www.weihnachtsgeschichten.net
2	googleads4.g.doubleclick.net	www.weihnachtsgeschichten.net
2	ib.adnxs.com	2 redirects
2	api.webgains.io	analytics.webgains.io
2	gum.criteo.com	1 redirects static.criteo.net
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	bidder.criteo.com	static.criteo.net
2	signal-segments.s-onetag.com	get.s-onetag.com
2	ups.xplosion.de	storage.googleapis.com cdn.xplosion.de
2	static.criteo.net	storage.googleapis.com securepubads.g.doubleclick.net
2	ad.doubleclick.net	2 redirects
2	www.awin1.com	1 redirects as.ad4m.at
2	as.ad4m.at	ad4m.at as.ad4m.at
2	t.teads.tv	www.weihnachtsgeschichten.net
2	www.youtube.com	www.weihnachtsgeschichten.net www.youtube.com
2	storage.googleapis.com	www.weihnachtsgeschichten.net storage.googleapis.com
1	ade.googlesyndication.com
1	dfp-gateway.s-onetag.com	get.s-onetag.com
1	ajax.googleapis.com	s0.2mdn.net
1	id5-sync.com	cdn.id5-sync.com
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	mug.criteo.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	cdn.xplosion.de	ups.xplosion.de
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	signal-beacon.s-onetag.com	get.s-onetag.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	secure.quantserve.com	storage.googleapis.com
1	get.s-onetag.com	storage.googleapis.com
1	track.webgains.com	as.ad4m.at
1	banner.congstar.de	as.ad4m.at
1	www.tisoomi-services.com	www.weihnachtsgeschichten.net
1	at.teads.tv	a.teads.tv
1	cdn.unblockia.com	www.weihnachtsgeschichten.net
1	weihnachtsgeschichten.net	1 redirects
208	61

This site contains links to these domains. Also see Links.

Domain
www.consentmanager.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.unblockia.com Amazon RSA 2048 M01	`2023-02-21` - `2024-03-22`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
b.delivery.consentmanager.net R3	`2023-03-19` - `2023-06-17`	3 months	crt.sh
1376624012.rsc.cdn77.org R3	`2023-01-27` - `2023-04-27`	3 months	crt.sh
www.tisoomi-services.com R3	`2023-01-29` - `2023-04-29`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M01	`2023-02-23` - `2024-01-02`	10 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.xplosion.de R3	`2023-01-26` - `2023-04-26`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.weihnachtsgeschichten.net/
Frame ID: 3090BF5F2FB466F7697AABAB8D948583
Requests: 76 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4D96E5BC873420F9C266490094388CCC
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=327780%2C321735%2C22451&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CjZAhEfGf8VjEUYHEH2t6tK693HZSDtYpH9%2CQ79C4fjfjMJCxH5HYtGt83Xc6S5tbJuV&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2CxJGtQfAfwz6qUPHdHztDC657Xa7S4tRXaA%2C2JDt6fqfwZWtVHWHktwCREbaxSgtbzug&c=300&d=250&e=&g=86774e1faccbe58f0f0d484467ce2336%2F927099821811586564&i=22886%2C110819%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1679262918602&y=1&s=&z=0
Frame ID: 2D8E69D27D2F5D17C9CE1B51AC5CBF39
Requests: 14 HTTP requests in this frame

Frame: https://cdn.consentmanager.net/delivery/crossdomain.html
Frame ID: FF52EA4562689A16BF14E0E2C7AA263B
Requests: 1 HTTP requests in this frame

Frame: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 312769C9AACC852BA0891C9125C5AFE7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.weihnachtsgeschichten.net&gdpr=1&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA
Frame ID: BDD4179A51857E284B87E45764DFFC6F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E65FFCFFC654C07E10884C92C035A5FD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 102EC79CDAC18B65D991A3C6E7E1AFF4
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs
Frame ID: 4A85F2C72EE4D84895319CFAD0338335
Requests: 12 HTTP requests in this frame

Frame: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D056353B990C9E166DC872B662EA4EA7
Requests: 15 HTTP requests in this frame

Frame: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BB984A024D35D08A304696686FDB4AD1
Requests: 17 HTTP requests in this frame

Frame: https://s1.seadform.net/Banners/Elements/Files/2139170/12294849/12294849.js?ADFassetID=12294849&bv=514
Frame ID: DE4C6FAB71D6830AB8A19E91FF8AC9F4
Requests: 11 HTTP requests in this frame

Frame: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B00F73653E0112001775A444B5C719E9
Requests: 20 HTTP requests in this frame

Frame: https://s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/12170212.js?ADFassetID=12170212&bv=516
Frame ID: 040CDA9971FF594222B3BCD61E73F066
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYrdT4xgEwAQ&v=APEucNV-Y25NWXmxSrIxsLNu3-L_RSlCuR_iRbB4yyvkmRaz3xB1EbE8EzYzwW_3-7mAUVszxx3uKNkv-7i0j8K05dq40XeVCap4q5UnJoL8txHsO3WpOoTabC52w-vu3K9OmIuZb9K-n4kJnF4nS8lXGqxLfLUMtnyqyWv_WnKzvERWS2QSyeXToRDN2acZiPHSaJMnkUCbDcBST3zNWJuV8NMemHZuESbGaUW5J91enrQOvEHTvpNWo1WeSL2mCGIpjXpi8H7QKkTeHGwhn-f8jGx-nQQxfjJDBZmEx4cpkIaHCSXozu5U8FcojYmw599tMKY98kuN-e1hQh9J72UJ1nYsQ46RfzQy51R1agIIby9hTZsjrUhqBNufJ8PqI410a7zwY--KdWPUYjwveIHOc5C7hPK7s4hzXEvDzLAoe0vOx3XXL7aLH6ObnDCIhDAkV105EwcmsgpPEKne2N72z_a0SA6CoKCIXtDUZz81m2hpbODUDaMqxBMyGZ9vPoYQiqDJbtzdP1q4xgUVu3YR1tpd0P2rPepUb7BgndRwAOaxn3HPcg3ale-rssZRiVdNXHo8JjsLtmZ1JG7CwoBY8c6WCoQUqFsjJIfLNfkUIjjIiX0AMbKy6JN3VolQ1WPHdcCeFGvbbrsJdy714jsCfPjrwzdh3Nf8eOQTV06KyuNgnHRQBODXhYjITp17L7QrOkHQMqDTB5INm-dJ9LsKefcTYYpFrJLPo1v1VlHoP1tS_VPiUcE
Frame ID: C7D8AF1768B9751745786AC591819357
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 09C4EDBE6644EA1FFDA8B4693FA83283
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=YUDnTssyUz&t=1&renderingType=2&ev=01_247
Frame ID: 90EFD7D0594347E347A3A419308DC22A
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js
Frame ID: 2AEC5C6E90E5D26BEE90A079EED649FF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Weihnachtsgeschichten

Page URL History Show full URLs

https://weihnachtsgeschichten.net/ HTTP 301
https://www.weihnachtsgeschichten.net/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

208
Requests

96 %
HTTPS

46 %
IPv6

35
Domains

61
Subdomains

55
IPs

9
Countries

3218 kB
Transfer

7096 kB
Size

39
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.consentmanager.net/?utm_source=cmplogo&utm_medium=banner&utm_campaign=cmplogo&utm_term=55325
Title: consentmanager.net

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://weihnachtsgeschichten.net/ HTTP 301
https://www.weihnachtsgeschichten.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidQ79C4fjfjMJCxH5HYtGt83Xc6S5tbJuVoneid__weihnachtsgeschichten_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CL7-h-796P0CFe6Kgwcd9RsBfw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidQ79C4fjfjMJCxH5HYtGt83Xc6S5tbJuVoneid__weihnachtsgeschichten_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidQ79C4fjfjMJCxH5HYtGt83Xc6S5tbJuVoneid__weihnachtsgeschichten_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1679262918_bd2f15c1-c6a0-11ed-b00f-2238801674a3

Request Chain 55

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9947.9gNjWhe7-YjsnwWa0_N-9nTWgReXNQVhuisxtper6TSgI94TncxBUz6B8vByNi25.XFSdxj1CKJikxTXBddXVXu0PJSQ%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9947.53SDFH8F4DLDqPp5eSK3qFw1tIJkDS9PBfsEv4YXS4my5mBnJkc_jN5q3p7YwidvCWbAS5XPjhJbQ-EW8TAkk-_9cTzlFuQzPnBGwZ3LwYM%2C.uhftX_Hzt5m3mnMIl8TWvclBE30%2C

Request Chain 82

https://mc.yandex.com/watch/67959763?wmode=7&page-url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A236%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A203765363031%3Ahid%3A556347832%3Az%3A0%3Ai%3A20230319215518%3Aet%3A1679262919%3Ac%3A1%3Arn%3A32980943%3Arqn%3A1%3Au%3A1679262919781022788%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C55%2C1%2C61%2C0%2C%2C229%2C2%2C%2C%2C%2C393%3Aco%3A0%3Acpf%3A1%3Ans%3A1679262918080%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679262919%3At%3AWeihnachtsgeschichten&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/67959763/1?wmode=7&page-url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A236%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A203765363031%3Ahid%3A556347832%3Az%3A0%3Ai%3A20230319215518%3Aet%3A1679262919%3Ac%3A1%3Arn%3A32980943%3Arqn%3A1%3Au%3A1679262919781022788%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C55%2C1%2C61%2C0%2C%2C229%2C2%2C%2C%2C%2C393%3Aco%3A0%3Acpf%3A1%3Ans%3A1679262918080%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679262919%3At%3AWeihnachtsgeschichten&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 85

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9947.zH_ftRwc4_qDRQ0z3EGlsbpohDFVuOVO4qwAsA6nz0EZp9fir7iMEIyDkJm01piq.af66WQexb5mG5rw9L_5oP8LLSZM%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9947.lj5gl70RuIJFOORcSHNmfYUPXfFyeUJNOoHHeIUqLSQ7KCQ0jpqdmOsadmkIyHm7089jplO_Gd8KG4CBDxJAQpeM5jZkFwdpCUK8EuYq3NI%2C.7Iz2UHqjLvXW722k3x1Il3tQj6I%2C

Request Chain 87

https://gum.criteo.com/sid/json?origin=publishertag&domain=weihnachtsgeschichten.net&sn=ChromeSyncframe&so=0&topUrl=www.weihnachtsgeschichten.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=1nxa0nxSYVMxbVNpRzljc2xDbTJZUDQyQXVzZnRWc2F6ZGcrVEVGSzQ4Um50elkvZkVkN0JqTWw4MGpwNXhRUGRJYW53eDUwV1FOVTZJZnRzZEFqbHp2OERxS2lCdGlmRjVZTngyck9YanMxM0FqcHQrMUxRcHNxa05HMEpQcElDcjZvU1ZXMTVIODBvTi90ZURFdkVWcUxwZ2dSdjBMUXhpT21IZEozTnlaTWdqS1BwQzR1MGNqNktPREt6UlhSKzVKSkxDakdJRVNkSkFWeStZUjJUZ3N3aEErNGlqS3JzUDI4ZXdlS003a1ZZOUZuVEdrSFhDZkc4cWwxYzJLcCtSdTUrR2h6UDg5VzFVNWtydXFHTG9XOTJXRTVJQXRxWEJPaGh6VDl2WFhKLzg3UT18&cppv=2

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=1&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA&addtl_consent=1~584.1033 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKfphAupdfQkL7PtOEt5gd8&google_cver=1&gdpr=1&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA&addtl_consent=1~584.1033

Request Chain 172

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=1&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA&addtl_consent=1~584.1033&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?addtl_consent=1~584.1033&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3DCPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=1&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBeEyOwpO7x11pHoqjddsQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKfphAupdfQkL7PtOEt5gd8&google_cver=1&gdpr=1&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA

Request Chain 174

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwOTIzMDA0ODg3NjIxNjU2MA%3D%3D

208 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.weihnachtsgeschichten.net/
Redirect Chain

https://weihnachtsgeschichten.net/
https://www.weihnachtsgeschichten.net/

42 KB
11 KB

80ms
54ms

Document
text/html

2606:4700:3036::6815:5dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5dc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7904bd25b931a22db7b63e11873ae740bfa8fe70667f26956f1dfe1414051f1d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7aa8f5768df13649-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Sun, 19 Mar 2023 21:55:18 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuaBBTGFXv8GM96tPtcApIzNbqZ8xUGF%2FtR3JQcTRxIxxh1yo1AlE3inB%2BLSGApY3RLeccMG2mAb5%2FGVJ1Sa8hg8JHZiLjC4bzE6qFPNEo%2BTEi3WFhtTicbS6NAKYrREF6pg7W%2FY7BHdJYkaMcg5LSJa3DDzLNFJSFGsZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-cache: BYPASS

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7aa8f5762d873649-FRA
content-type: text/html
date: Sun, 19 Mar 2023 21:55:18 GMT
location: https://www.weihnachtsgeschichten.net/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHtVgXyfBCTYyOF19zfb1VuN5qDZZ%2B311wK7wKQLGAkmFip2pOutbMaiYX7nmJCCX2TnPFogW%2F6f0hPDs7El9i3myn4dXojJLlNArTXxi9jh3DyURqyJcD7O0RO9M6D1fYRZ3dXOSzRhif2vxkez1J1oHEcOfAip"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 b9a6700f23b0344ef774c64401819649.css
www.weihnachtsgeschichten.net/css/ 125 KB
22 KB 36ms
35ms Stylesheet
text/css 2606:4700:3036::6815:5dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weihnachtsgeschichten.net/css/b9a6700f23b0344ef774c64401819649.css
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5dc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0431f53f752ff02e33885c8a18d9cf0a93ca00a0c293925a82e8333c4f37e67f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 18 Nov 2022 10:37:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6377606e-1f3f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYOFV5pQrqcI7jF9%2F0pRFy5inTXnBqq24zMyKx%2BTGXqFlXYZI6eE%2FkHkbnmWaoqhtC886i7%2FvOMOCaV%2FVBhwLxgkvcs6SE0SyneY1SfNBm6VFjokAIDlogYMTLQCu7MUQ8QtntOqVCLVN9edj5XpgPcmVFvOrtG2nXbJYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7aa8f576ee5f3649-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 h.js Show response
cdn.unblockia.com/ 152 KB
153 KB 56ms
8ms Script
application/x-javascript 2600:9000:211e:a00:12:abfb:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblockia.com/h.js
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:a00:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0a3e10929596e4a2855798959d1d9eea123133bbf3201cbdb6c768af3f17918

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: 28d.r45uCskr6PA6yRigQmOs9rcFOOWB
date: Sun, 19 Mar 2023 19:14:45 GMT
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 9634
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:f3954d10-86c5-48f4-9cfe-10a3246c8276
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 2b108ecf60c75434f8c9f42f68ab0d5a
content-length: 155688
last-modified: Tue, 14 Feb 2023 17:16:02 GMT
server: AmazonS3
etag: "6f10efbed5fddb7cda8b803fb6d129f4"
vary: Accept-Encoding, Origin
x-amz-meta-codebuild-content-sha256: f8dddb563fa55bce4c5ce2a22cd026fd41942793b4b34e4f2278ec006ba5c324
content-type: application/x-javascript
accept-ranges: bytes
x-amz-cf-id: RuUvIZLtcAvR4p8s5rXpJUHX_evhB3FJdqfaj5zvo_DbauH-L-sNxA==

GET
H2 200 QMAX_weihnachtsgeschichten.net.js Show response
storage.googleapis.com/adtags/wm/async/ 16 KB
5 KB 190ms
94ms Script
application/javascript 2a00:1450:4001:803::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c9b5378b42fb210ba18bc1c6879c3deb075cd6c0a50f4ce42b703cddece693e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
content-encoding: gzip
x-goog-meta-accept-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdsRRolvOf7HmpFV4TdR2lsi2vsAXTc24npE_VkIhJbvFdUK-N-apYKWs_7wsBXeWhBhiDk8zyGkbJ7TyYGzG6SHDsAKr7L9
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4381
last-modified: Fri, 11 Nov 2022 09:42:47 GMT
server: UploadServer
etag: "c1a2081303347c83c86bdc30dc802c8c"
x-goog-generation: 1668159767743880
x-goog-hash: crc32c=djEJCw==, md5=waIIEwM0fIPIa9ww3IAsjA==
content-type: application/javascript
cache-control: no-cache,no-transform
x-goog-stored-content-length: 4381
accept-ranges: bytes
expires: Mon, 18 Mar 2024 21:55:18 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 50ms
8ms Script
text/javascript 104.79.89.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.89.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-89-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date: Sun, 19 Mar 2023 21:55:18 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id: M0ASCFRJ0JJYWK0Y
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3391
x-amz-id-2: VsrCM0mK7Y9CVnRx9xHzRS5vH0t881wJRQmGUD/KqMJvXpBi/FvifHdyJNOrr7girUbElP4/ieY=

GET
H3 200 weihnachtsgeschichten.jpg
www.weihnachtsgeschichten.net/thumbs/weihnachtsgeschichten/ 70 KB
70 KB 15ms
14ms Image
image/jpeg 2606:4700:3036::6815:5dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.weihnachtsgeschichten.net/thumbs/weihnachtsgeschichten/weihnachtsgeschichten.jpg
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5dc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c68a81ddc0974891cf786f43ef55c340db91f3d5a63ec49c508143232e4ce654

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
cf-cache-status: HIT
last-modified: Wed, 13 May 2020 10:30:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 936
etag: "5ebbcc5a-11770"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65tEjZwiFPNfRTiSyWZF3k7XsUID3yC81xW8OKuhjJQLc8YDn9zw6hqKx3%2B7%2Bxm3kvAJ5xqWiNlviRDGXP9Ymflhz1jal8dXbj2Uy6mEvv6GIpTJEsTE1tPCWYANDaDUpZzTw2joFF12mJIvR010JQ1LcEZZdJHTC53mTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aa8f5772c655c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71536

GET
H2 200 lashv0bg.js Show response
ad4m.at/ 30 KB
12 KB 48ms
25ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/lashv0bg.js
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d37935b6db3df045121d4fa638b598e7e4f0a71f16d4e533b26e8d26732d5d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:47:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 461209
etag: W/"6b6da2a8a7d8afe3ec2af42a0c51bb6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NNQNMZf0OfGlwfVYBsNLf8KhsGf2Lc%2B3hEeKrcvXG4muTMdONCAPYEhs1gVAIFUsbffHs%2FmjLjA5RGUR9R0Y6nfPgQ9MuX1I%2FlGBr7hrqjhdIER8qe5mPXTwtlnDDnIE9OTJZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7aa8f5774cae35e4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 14 Mar 2023 13:48:24 GMT

GET
H2 200 tag Show response
a.teads.tv/page/138650/ 734 B
796 B 81ms
40ms Script
application/javascript 104.79.89.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/138650/tag
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.89.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-89-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dee9a8f74f792db0d00d4692419aba18da305d4e64a259d3f00fec5710b41b4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 454
expires: Sun, 19 Mar 2023 22:55:18 GMT

GET
H2 200 player_api Show response
www.youtube.com/ 992 B
2 KB 165ms
55ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ac1e3e9a56d93d8f406ef31b9b234b0e44f1f5bb75200b08daab11cdf893c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 19 Mar 2023 21:55:18 GMT

GET
H3 200 3c9a73e8f2a1098493c2a19f040eaa45.js Show response
www.weihnachtsgeschichten.net/js/ 164 KB
54 KB 41ms
40ms Script
application/javascript 2606:4700:3036::6815:5dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weihnachtsgeschichten.net/js/3c9a73e8f2a1098493c2a19f040eaa45.js
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5dc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2b48eeb2d8be46e58fb71e59f7cf42be331a1bb07b1eb23b512b967e12a7ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Nov 2022 10:37:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 936
etag: W/"6377606e-291aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sA6DioCQAMjgMI%2FjOdLoF6SM6%2BHGdQrvigKmEVsohB7tA07aVGiR7peoiIpYsPES4eZNGbuz6DdRw742OTdF3F2wcjd%2BZal1UYKyYY2EyXvsGJcvkqQ%2Bmflxvmi6oCj1%2BqndOiXfVBthPEDbLV0V%2Bw9FQ8U8fV%2FJIg5zBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7aa8f5772c5f5c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 t.js Show response
www.weihnachtsgeschichten.net/js/ 11 KB
5 KB 22ms
21ms Script
application/javascript 2606:4700:3036::6815:5dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weihnachtsgeschichten.net/js/t.js
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5dc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a55c314c1488fe74cf731441adccf2f398ebba43450d0ba90733f33e55a1735

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Apr 2020 12:30:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 936
etag: W/"5e872c4b-2beb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9s6lBgrClHCWvspQ7QDTzNSCt%2BShobFwwpbYfQ3ICyrT6PjWRFAWyUMwmiauRI13%2F%2BHIoKx1zG5TCF%2BXskSJFi3Gj2HwmnnAeqTcXA2C5usYd9Cb9LDB8lZTPKmaMm46JODWZgtjIRhvUixuWfjHpKODhCyuMpwJsBKSgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7aa8f5772c615c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 glyphicons-halflings-white.png
www.weihnachtsgeschichten.net/img/ 9 KB
9 KB 29ms
28ms Image
image/png 2606:4700:3036::6815:5dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.weihnachtsgeschichten.net/img/glyphicons-halflings-white.png
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/css/b9a6700f23b0344ef774c64401819649.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5dc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/css/b9a6700f23b0344ef774c64401819649.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26521
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8777
last-modified: Mon, 12 Aug 2019 12:41:48 GMT
server: cloudflare
etag: "5d515e8c-2249"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wl%2B9zmkGobrCzikFxz1ljXV%2BhPqag1LWy%2BNk3g2sytYsQt%2FyRWFrravWjpoOd22UHfoPhf1smLDpkcm6TAtsmQnQ8Tk3aUfkixd1Hkj6WmddIBT93mCv%2BdF4sGeuOJDpUD0hf00BbvIx3jj6fMc8SQePJh%2FbiFfzKQJs1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7aa8f5772c665c8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
352 B 83ms
36ms XHR
text/plain 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_14881&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Mar 2023 21:55:18 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://www.weihnachtsgeschichten.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Sun, 19 Mar 2023 21:55:18 GMT

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 595 KB
131 KB 7ms
7ms Script
text/javascript 104.79.89.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/138650/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.89.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-89-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 96e621a20ba5e0c08f781742c92f9c14418b3dfe396dcd1ce4c72b4764135fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
content-encoding: br
last-modified: Thu, 16 Mar 2023 10:53:43 GMT
x-amz-request-id: NSJVRFSM2S7B1568
etag: "d38752cba4a00acbfdece457ca6f488a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 7
accept-ranges: bytes
content-length: 133074
x-amz-id-2: SUa8aGhtoCvTn69+d0OquNoTnniCUVChLkRgPLAujExBMquymqZofNw0TeqdLf8qAJOxXDzni6A=
expires: Sun, 19 Mar 2023 22:25:18 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/59acb1f3/www-widgetapi.vflset/ 184 KB
62 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/59acb1f3/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8afc8c47e931fe3cb0fd970ce36dbeb54f82c8dd1e5df1f8dfd820fd3c78662b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:34:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1272
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63056
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 00:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Mar 2024 21:34:06 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 162 KB
57 KB 258ms
109ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/js/3c9a73e8f2a1098493c2a19f040eaa45.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

cf0e934daa92ef101fcdf4f64d318324f197533bc3a8ad60630a947cef5d7073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Mar 2023 11:37:34 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6412d54e-e3bd"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58301
expires: Sun, 19 Mar 2023 22:55:18 GMT

GET
H3 200 star-on.png
www.weihnachtsgeschichten.net/img/ 1 KB
2 KB 14ms
13ms Image
image/png 2606:4700:3036::6815:5dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.weihnachtsgeschichten.net/img/star-on.png
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5dc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88233ad1abcd2282b53edb9465a6bef42fd32de319f014e4059353e4fd8a7e0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 936
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1031
last-modified: Mon, 12 Aug 2019 12:41:48 GMT
server: cloudflare
etag: "5d515e8c-407"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPhxqN09wrEB0BWIOV7m7Qeay0QawJULwGeXB8B8Gh7HC09M8aFzMABfCxGUCmKzGYyxnUzO%2FWU6DtiCzbhw1c2%2BQiDo%2FF7DoxBiNd8RmHymbBaVLtZXuqOwBKtMOQuV1RS3gVkIECxkkTupjQQg0XYvO%2FMrW8BsJEFE4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7aa8f5784e1f5c8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 star-off.png
www.weihnachtsgeschichten.net/img/ 930 B
1 KB 15ms
14ms Image
image/png 2606:4700:3036::6815:5dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.weihnachtsgeschichten.net/img/star-off.png
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5dc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf9b07584547d5d561dfac9cdbf7b6a530cb72a1b7a1096411966036c4017d38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 936
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 930
last-modified: Mon, 12 Aug 2019 12:41:48 GMT
server: cloudflare
etag: "5d515e8c-3a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ft2wiijfbmac6ttuV2joJ0%2B6j9%2Ffcnw1CnUIc%2B%2BVBUV%2BetnCT7VHQKvJ%2FtnGS8U7e%2BaKoxsCak%2B%2F2LmYqowJjc9On3z5h3IHBvKpQuWyFL6Kcf9F4O66rTk6KWIkY%2Fm8x%2BmoccrWrCkRMwBTcilgs64Oh8kcGnaANgI9PA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7aa8f5784e215c8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 star-half.png
www.weihnachtsgeschichten.net/img/ 958 B
1 KB 15ms
15ms Image
image/png 2606:4700:3036::6815:5dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.weihnachtsgeschichten.net/img/star-half.png
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5dc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 808ffaeee4006e4930f89f5dcf46f603eb173ecc365b8f3df2b822bb6747c0b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 936
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 958
last-modified: Mon, 12 Aug 2019 12:41:48 GMT
server: cloudflare
etag: "5d515e8c-3be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASRX80yQxWtNDzaDyLZFhnJ0PdIDP%2BaFhI8uXNNykxEGNikSmTTepkO0%2FpyAYLDdhDU8KMTKMjiI4gYXrpij5sUW7ktugOLj9tCAKgu9nt4bbQhbI3c51abORCY0WYjvH2xP%2B519pzsKzMS3LTilOmMv7DECljC%2F4JpbbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7aa8f5784e225c8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 track
t.teads.tv/ 23 B
113 B 197ms
56ms Image
image/gif 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=e41370bf-0825-45c4-b56b-61c27f979e17&pageId=138650&pid=152138&debug_metadata=s1zuBXxnUG&fv=1156&ts=1679262918456&f=1&referer=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 188ms
48ms Image
image/gif 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=e41370bf-0825-45c4-b56b-61c27f979e17&pageId=138650&pid=152138&slot=polymorph&fv=1156&ts=1679262918465&f=1&referer=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Sun, 19 Mar 2023 21:55:18 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
48 KB 145ms
61ms Fetch
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true

Requested by

Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0eafc103c65fc938ba3822331a77d2317257926acd99e63836310d578626739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48459
x-xss-protection: 0
server: cafe
etag: 10227927993111692785
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 21:55:18 GMT

GET
H3 200 ad350.sWpf_Vy5OUVMJ4.gif
www.weihnachtsgeschichten.net/image/ 0
484 B 91ms
90ms Image
image/gif 2606:4700:3036::6815:5dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.weihnachtsgeschichten.net/image/ad350.sWpf_Vy5OUVMJ4.gif
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5dc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5f5cvSv1ls1TGbSka%2B%2FWXGASRPTZaaigqKEbj3iqdeS%2BYPC015RwwoK8%2Br21zRocB%2B%2Bv7M%2BMkR%2BZJMIi9mIe6se71uDfnkAqJYyAgFftZkgyXOwP1QV8oRq%2FPZW3VbktY%2FOjWqsHX1HkSjzHZisfHdjBFwLotbdzEkwHog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 7aa8f5787e725c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 ad Show response
a.teads.tv/page/138650/ 541 B
726 B 43ms
42ms XHR
application/json 104.79.89.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/138650/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&auctid=e41370bf-0825-45c4-b56b-61c27f979e17&formatVersion=1156&env=js-web&netBw=10&ttfb=54
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.89.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-89-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c9eb53bd198197e981c8cb37562b77ceee5e55f0014b55b728eed1e9ca2a3678

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.weihnachtsgeschichten.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:18 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.weihnachtsgeschichten.net
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 367
expires: Sun, 19 Mar 2023 21:55:18 GMT

GET
H2 200 frame.html Show response
ad4m.at/ Frame 4D96 2 KB
1 KB 17ms
16ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/lashv0bg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://www.weihnachtsgeschichten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1355971
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7aa8f5788e6a35e4-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 19 Mar 2023 21:55:18 GMT
expires: Mon, 27 Feb 2023 21:37:06 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLDyic5YN41hIHl1sP26hBCEYIWCR%2FPKEstHcCp5%2FM2aqmTf2iluPMjDhycyy0TG2paAbB8t1vjAMoLiKQSxOZYoLL3QT3kHEI1Ggri5a2Bb%2B1U72EBWKVHMKRh0bBU%2BinMTYwc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK cmp.php Show response
b.delivery.consentmanager.net/delivery/ 4 KB
2 KB 68ms
23ms Script
application/javascript 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://b.delivery.consentmanager.net/delivery/cmp.php?cdid=6acd85cf399d&h=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&&__cmpfcc=1&l=en&o=1679262918483

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 Bergisch Gladbach, Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

68208ecee354aa4221fa0171070109014c3bf99a9f4d523cca7e505f38a12844

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Mar 2023 21:55:18 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Mar 2023 21:55:18 GMT
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 cmp_en.min.js Show response
cdn.consentmanager.net/delivery/js/ 482 KB
99 KB 93ms
8ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.net/delivery/js/cmp_en.min.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

cf4b35323f55918ef42fef983c5607a4fa34d0e403392688a51637423715da03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 19 Mar 2023 21:55:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 1524
x-77-nzt: AcO1qhH3Tjr/9AUAAA
x-accel-expires: @1679263194
last-modified: Wed, 15 Mar 2023 23:46:02 GMT
server: CDN77-Turbo
etag: W/"641258ba-788d5"
x-77-nzt-ray: 4c15622418892327c68417649e14c821
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800, public
access-control-max-age: 1000

POST
H3 200 rs Show response
ad4m.at/ 469 B
861 B 29ms
29ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/lashv0bg.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4b68a1a5e58c458fc3abdecbd952c045bccbaac12e24656146d232cf76946ad

Request headers

Referer: https://www.weihnachtsgeschichten.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbaQ42Spc2VhkzMiJLHgwecSm80euEv0%2FKTUN0yMY%2B7cXxZeSUGg3Fl2W70HKVaKziu2jfEhm2C5wyJJBY79ptfsRaNqOjhPY4DbfLo%2FCg2vQZr7J34ntq2A5cU8FHvF7Huat%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://www.weihnachtsgeschichten.net
access-control-allow-credentials: true
cf-ray: 7aa8f5792ac02bde-FRA
x-backend-server: aa-reachservice-group-europe-west1-knx2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 40ms
31ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.weihnachtsgeschichten.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://www.weihnachtsgeschichten.net
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7aa8f578fa802bde-FRA
content-length: 24
content-type: text/plain
date: Sun, 19 Mar 2023 21:55:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kKIQx7QCNsoGLLDsUZRUYt%2BchbjqiWXSQiSNtCmhjUnWbyrHJRobjvix%2FFlYpBoVkyIsDZnFvcyw3bngJtiaZyYqMkybzzHjR4ZbaytcWd07nCw9CAO35XRuTQl8F39eTmJkXU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-knx2

GET
H2 200 bV8xLndfNTUzMjUuZF8xOTU5Ni54XzI2LnYucC50XzE5NTk2Lnh0XzI2.js Show response
cdn.consentmanager.net/delivery/customdata/ 44 KB
10 KB 111ms
97ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.net/delivery/customdata/bV8xLndfNTUzMjUuZF8xOTU5Ni54XzI2LnYucC50XzE5NTk2Lnh0XzI2.js

Requested by

Host: b.delivery.consentmanager.net
URL: https://b.delivery.consentmanager.net/delivery/cmp.php?cdid=6acd85cf399d&h=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&&__cmpfcc=1&l=en&o=1679262918483

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

16856a2720bccce3d9869928bb5f57ea06e53efef2ef493c99e3ccfeb48a54a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 19 Mar 2023 21:55:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-cache: EXPIRED
x-77-cache: MISS
x-age: 18341
x-xss-protection: 0
x-77-nzt: AcO1qhHYt8bLpUcAAA
x-accel-expires: @1679264718
last-modified: Sun, 19 Mar 2023 21:55:18 GMT
server: CDN77-Turbo
x-77-nzt-ray: 4c15622418892327c68417643ca94222
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *, *
cache-control: public, max-age=1800
access-control-max-age: 1000
expires: Sun, 19 Mar 2023 22:25:18 GMT

GET
H/1.1 200
OK cookie Show response
www.tisoomi-services.com/ 68 B
276 B 58ms
21ms Script
image/png 136.243.25.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tisoomi-services.com/cookie
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/js/t.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.25.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: api.addefend.com
Software: envoy /
Resource Hash: 53b14a22cd3dc973d6cb1a381d01fafafc4da1632bacbf15f7fac0014fbe70c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 19 Mar 2023 21:55:18 GMT
Cache-Control: no-cache, private
X-Envoy-Upstream-Service-Time: 7
Server: envoy
Connection: keep-alive
Content-Length: 68
Content-Type: image/png

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 2D8E 7 KB
4 KB 37ms
27ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=327780%2C321735%2C22451&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CjZAhEfGf8VjEUYHEH2t6tK693HZSDtYpH9%2CQ79C4fjfjMJCxH5HYtGt83Xc6S5tbJuV&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2CxJGtQfAfwz6qUPHdHztDC657Xa7S4tRXaA%2C2JDt6fqfwZWtVHWHktwCREbaxSgtbzug&c=300&d=250&e=&g=86774e1faccbe58f0f0d484467ce2336%2F927099821811586564&i=22886%2C110819%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1679262918602&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/lashv0bg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c1f87c046354caa89ca41a5a582607eb241535aac2b7e52b2b711745557a698

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weihnachtsgeschichten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7aa8f5796fc235e4-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 21:55:18 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 DtDcXbGWl1IBrWNLF32hG9bmJM6jMl4.gif
www.weihnachtsgeschichten.net/image/926291862755/ 0
477 B 67ms
67ms Image
image/gif 2606:4700:3036::6815:5dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.weihnachtsgeschichten.net/image/926291862755/DtDcXbGWl1IBrWNLF32hG9bmJM6jMl4.gif
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5dc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSyJV0Np%2FdRRPDegnU3GN3%2FE3HWQe78UQ02aBhzG50i7l777695AWUSXhfzm5JLQf146khSn3t9FPpDEoBlwOizBmsA9%2FFXToV91CCMDfduptV9kwMTCW3LIsWlhWHH9Y8%2FXzqatHFgQxShDzM3oArvQP%2BbgHDeFJ694yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 7aa8f5796fc15c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 2D8E 94 KB
12 KB 25ms
25ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C321735%2C22451&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CjZAhEfGf8VjEUYHEH2t6tK693HZSDtYpH9%2CQ79C4fjfjMJCxH5HYtGt83Xc6S5tbJuV&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2CxJGtQfAfwz6qUPHdHztDC657Xa7S4tRXaA%2C2JDt6fqfwZWtVHWHktwCREbaxSgtbzug&c=300&d=250&e=&g=86774e1faccbe58f0f0d484467ce2336%2F927099821811586564&i=22886%2C110819%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1679262918602&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=327780%2C321735%2C22451&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CjZAhEfGf8VjEUYHEH2t6tK693HZSDtYpH9%2CQ79C4fjfjMJCxH5HYtGt83Xc6S5tbJuV&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2CxJGtQfAfwz6qUPHdHztDC657Xa7S4tRXaA%2C2JDt6fqfwZWtVHWHktwCREbaxSgtbzug&c=300&d=250&e=&g=86774e1faccbe58f0f0d484467ce2336%2F927099821811586564&i=22886%2C110819%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1679262918602&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 874535
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9NRvQQrAZpS9H3LKxbs7%2F33ZKo0dyCD7gbOx8KWwE914RarK8hrUm7vW9psalbCetcW9lJFMT17L4R7oxuu6Q6v%2B7900WR%2Fgg39GPbvTrAjiepjYyad%2FTmxsm1qOW6fVjwBNar84oc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7aa8f579a9bbbbc8-FRA
expires: Sun, 19 Mar 2023 22:55:18 GMT

GET
H2 200 521816B122764001ADB70A517984F37BFF9BF6A673BABF5D86AB411E7DB29F110A1EE88B26C2C779693C09EA30E537FC99BF58A2C05EC7C7FC76B7121E2F0D23
assets.ad4m.at/logo/ Frame 2D8E 3 KB
4 KB 34ms
23ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/521816B122764001ADB70A517984F37BFF9BF6A673BABF5D86AB411E7DB29F110A1EE88B26C2C779693C09EA30E537FC99BF58A2C05EC7C7FC76B7121E2F0D23
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C321735%2C22451&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CjZAhEfGf8VjEUYHEH2t6tK693HZSDtYpH9%2CQ79C4fjfjMJCxH5HYtGt83Xc6S5tbJuV&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2CxJGtQfAfwz6qUPHdHztDC657Xa7S4tRXaA%2C2JDt6fqfwZWtVHWHktwCREbaxSgtbzug&c=300&d=250&e=&g=86774e1faccbe58f0f0d484467ce2336%2F927099821811586564&i=22886%2C110819%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1679262918602&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0563b45e7f8099573475a80a342c9e71a371e453ae363335dcee0987ce087655

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1154014
cf-polished: origFmt=png, origSize=12409
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3270
cf-bgj: imgq:85,h2pri
last-modified: Fri, 18 Nov 2022 09:42:26 GMT
server: cloudflare
etag: "66b1eff8bdbba24886f7b1fc8575650c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grbNIHqdXypWwIgi%2BBAwQUcN2tcsC%2FziQwbRIdqXxw1gjB%2BQXqNGZndecN3o6r0FCM7JsXw2VRdWju4HeeEytKCrtGzIbcOqMhzXkI2rqkoTUO8zj6MnUPJzf31jLcq8%2BzPXgsCtQm1aQFVL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7aa8f579b82835e4-FRA
expires: Mon, 20 Mar 2023 21:55:18 GMT

GET
H2 200 069D6AC8048C845ED241E4D08FED5C8BF19DF09CD5D31CEFFF7C284512B39110035A45A716C9107E61A08153C69FFB45D9A6249AF8BFA59770C31521FB495CCB
assets.ad4m.at/product_image/ Frame 2D8E 382 KB
383 KB 23ms
16ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/069D6AC8048C845ED241E4D08FED5C8BF19DF09CD5D31CEFFF7C284512B39110035A45A716C9107E61A08153C69FFB45D9A6249AF8BFA59770C31521FB495CCB
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C321735%2C22451&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CjZAhEfGf8VjEUYHEH2t6tK693HZSDtYpH9%2CQ79C4fjfjMJCxH5HYtGt83Xc6S5tbJuV&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2CxJGtQfAfwz6qUPHdHztDC657Xa7S4tRXaA%2C2JDt6fqfwZWtVHWHktwCREbaxSgtbzug&c=300&d=250&e=&g=86774e1faccbe58f0f0d484467ce2336%2F927099821811586564&i=22886%2C110819%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1679262918602&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49552a1b265626ae43788c7a552f0e83b2a60c3b80a03f0a3ac5d897e19e5a4f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1354781
cf-polished: origFmt=png, origSize=567269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 391308
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Dec 2022 15:02:50 GMT
server: cloudflare
etag: "364fb0bbdd277cfa57c3290ca877647c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSKCzHVOOHnV8KUwFWttEkV87%2Fk2tlal78zaw2cV50R1pnMfCI3y207NGoz1hQ3b1h5C0DB2feYEUYwk6oAfnN4%2Fx%2FTEAO2fu59JzT3lI76IBfsxNRBXXUiw2o2k5gktLcvMktPZ2ib4PkXw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7aa8f579b82235e4-FRA
expires: Mon, 20 Mar 2023 21:55:18 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2D8E 43 B
702 B 107ms
44ms Image
image/gif 104.98.137.157
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3254070&v=14598&q=371862&r=412863&pv=1&pref3=oneidAjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9oneid__weihnachtsgeschichten_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C321735%2C22451&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CjZAhEfGf8VjEUYHEH2t6tK693HZSDtYpH9%2CQ79C4fjfjMJCxH5HYtGt83Xc6S5tbJuV&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2CxJGtQfAfwz6qUPHdHztDC657Xa7S4tRXaA%2C2JDt6fqfwZWtVHWHktwCREbaxSgtbzug&c=300&d=250&e=&g=86774e1faccbe58f0f0d484467ce2336%2F927099821811586564&i=22886%2C110819%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1679262918602&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.98.137.157 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-98-137-157.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Mar 2023 21:55:18 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
assets.ad4m.at/logo/ Frame 2D8E 53 KB
53 KB 34ms
27ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C321735%2C22451&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CjZAhEfGf8VjEUYHEH2t6tK693HZSDtYpH9%2CQ79C4fjfjMJCxH5HYtGt83Xc6S5tbJuV&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2CxJGtQfAfwz6qUPHdHztDC657Xa7S4tRXaA%2C2JDt6fqfwZWtVHWHktwCREbaxSgtbzug&c=300&d=250&e=&g=86774e1faccbe58f0f0d484467ce2336%2F927099821811586564&i=22886%2C110819%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1679262918602&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1355356
cf-polished: origFmt=png, origSize=85233
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54280
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 17:18:26 GMT
server: cloudflare
etag: "0bc184d99872986e7c36d6945f607e59"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hi7kbh%2Bk9cJpc00Yduw56oG%2FNsDEpz2v%2FJ5VD%2BD%2BTXpfAvYcI0fBIg30x5jHpSUIbBVh0YcYsZsoMiFluiZ2eaIGo85YWEjrflUKSfVh3rNRD3NSuZfPyzTpKl8NWbL%2FIE%2FFLjbInl1peYnw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7aa8f579b82735e4-FRA
expires: Mon, 20 Mar 2023 21:55:18 GMT

GET
H2 200 831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
assets.ad4m.at/product_image/ Frame 2D8E 193 KB
193 KB 30ms
23ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C321735%2C22451&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CjZAhEfGf8VjEUYHEH2t6tK693HZSDtYpH9%2CQ79C4fjfjMJCxH5HYtGt83Xc6S5tbJuV&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2CxJGtQfAfwz6qUPHdHztDC657Xa7S4tRXaA%2C2JDt6fqfwZWtVHWHktwCREbaxSgtbzug&c=300&d=250&e=&g=86774e1faccbe58f0f0d484467ce2336%2F927099821811586564&i=22886%2C110819%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1679262918602&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1116478
cf-polished: origFmt=png, origSize=311499
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 197460
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 17:45:43 GMT
server: cloudflare
etag: "3e47fe2e828ecba46fd7e6ae452966ae"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsV4VF20ldZPI22jKs4Cb1Qwq5lIpKGGAjhLuuSeZd2Szug%2BW8%2FWsDkSxWaIjRcTD%2FXfEiLCbZFoi%2FIRsZ83n4XluxauFAMO7d0AC6G0%2F56bv56T9oidDKZsKtQgY0h7sNGG0jYGWAOW2bAx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7aa8f579b82a35e4-FRA
expires: Mon, 20 Mar 2023 21:55:18 GMT

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 2D8E 8 KB
9 KB 29ms
23ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C321735%2C22451&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CjZAhEfGf8VjEUYHEH2t6tK693HZSDtYpH9%2CQ79C4fjfjMJCxH5HYtGt83Xc6S5tbJuV&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2CxJGtQfAfwz6qUPHdHztDC657Xa7S4tRXaA%2C2JDt6fqfwZWtVHWHktwCREbaxSgtbzug&c=300&d=250&e=&g=86774e1faccbe58f0f0d484467ce2336%2F927099821811586564&i=22886%2C110819%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1679262918602&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1355340
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTmfPJNJ%2Fps%2BEY3CXz3is9TStizd%2BuaWSsMN1S3K9tRsIraeoFXagSNPOtuEqbN66sAEp2az%2BoAhl2DchZq9Y6qp9ZNUyq%2BFGcDXGeFvQP0pmbnZ2awQhk5Mk7Iak7bElvOszjJ28UkoYxNK"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7aa8f579b82335e4-FRA
expires: Mon, 20 Mar 2023 21:55:18 GMT

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 2D8E 30 KB
30 KB 30ms
23ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C321735%2C22451&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CjZAhEfGf8VjEUYHEH2t6tK693HZSDtYpH9%2CQ79C4fjfjMJCxH5HYtGt83Xc6S5tbJuV&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2CxJGtQfAfwz6qUPHdHztDC657Xa7S4tRXaA%2C2JDt6fqfwZWtVHWHktwCREbaxSgtbzug&c=300&d=250&e=&g=86774e1faccbe58f0f0d484467ce2336%2F927099821811586564&i=22886%2C110819%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1679262918602&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1355195
cf-polished: qual=85, origFmt=jpeg, origSize=81547
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30226
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ijk%2BM3B0NjUyzVfMUcf7PhaBA6ZV8vHi49suLKShvQQoJ4oymrKPqQs7cfJv8iBzDurlQTbqlh0a%2FHmm13SrnCKTzC98Dr9vJ4ReaOPO0L5hvFfr%2F9U%2F291INqfRZuY6JPFFbkSCU0Hq2%2FVD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7aa8f579b82935e4-FRA
expires: Mon, 20 Mar 2023 21:55:18 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 2D8E
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CL7-h-796P0CFe6Kgwcd9RsBfw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidQ79C4fjfjMJCxH5HYtGt83Xc6S5tbJuVoneid__weihnachtsgeschichten_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1679262918_bd2f15c1-c6a0-11ed-b00f-2238801674a3

0
550 B

64ms
13ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1679262918_bd2f15c1-c6a0-11ed-b00f-2238801674a3
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C321735%2C22451&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CjZAhEfGf8VjEUYHEH2t6tK693HZSDtYpH9%2CQ79C4fjfjMJCxH5HYtGt83Xc6S5tbJuV&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2CxJGtQfAfwz6qUPHdHztDC657Xa7S4tRXaA%2C2JDt6fqfwZWtVHWHktwCREbaxSgtbzug&c=300&d=250&e=&g=86774e1faccbe58f0f0d484467ce2336%2F927099821811586564&i=22886%2C110819%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1679262918602&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Mar 2023 21:55:18 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Sun, 19 Mar 2023 21:55:18 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1679262918_bd2f15c1-c6a0-11ed-b00f-2238801674a3
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 crossdomain.html Show response
cdn.consentmanager.net/delivery/ Frame FF52 2 KB
1 KB 7ms
7ms Document
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.net/delivery/crossdomain.html

Requested by

Host: cdn.consentmanager.net
URL: https://cdn.consentmanager.net/delivery/js/cmp_en.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

2b15114adb679270e25e0d47ca2d8ee278701c0a23d815ebcbbd0a4630211873

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weihnachtsgeschichten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: *
access-control-max-age: 1000
content-encoding: gzip
content-type: text/html
date: Sun, 19 Mar 2023 21:55:18 GMT
etag: W/"6335ff4d-83b"
last-modified: Thu, 29 Sep 2022 20:25:49 GMT
server: CDN77-Turbo
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-77-cache: HIT
x-77-nzt: AcO1qhEDAob/Ww0AAA
x-77-nzt-ray: 4c15622418892327c684176442394928
x-77-pop: frankfurtDE
x-accel-expires: @1679263099
x-age: 3419
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 link.html Show response
track.webgains.com/ Frame 2D8E 2 KB
2 KB 138ms
73ms Script
text/html 52.56.125.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jgb2784y3bq3nyjz23ehqx186k116adjjk0em88j4n6ke657bhmgynws5fe4z9k13pt6aye3n48pf4d3v8q3c8rq5pbv9wgs7sqtc2f1hmmkzr9h2wjahxfgm2qcky6546ymx7pt1jj0mknmqcdyc4950n60jf56aksz621xt2ty15x7px58njkt58dtxzq4nykv0sq8qt6vcxdgeg7j21qwgx4ydnnxcrxn2x4a7cfkg4fzgr44bqabqcfebgdcj9k8%26a%3D&clickref=oneidxJGtQfAfwz6qUPHdHztDC657Xa7S4tRXaAoneid__weihnachtsgeschichten_advancedad_300x250&viewref=oneidjZAhEfGf8VjEUYHEH2t6tK693HZSDtYpH9oneid__weihnachtsgeschichten_advancedad_300x250
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C321735%2C22451&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CjZAhEfGf8VjEUYHEH2t6tK693HZSDtYpH9%2CQ79C4fjfjMJCxH5HYtGt83Xc6S5tbJuV&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2CxJGtQfAfwz6qUPHdHztDC657Xa7S4tRXaA%2C2JDt6fqfwZWtVHWHktwCREbaxSgtbzug&c=300&d=250&e=&g=86774e1faccbe58f0f0d484467ce2336%2F927099821811586564&i=22886%2C110819%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1679262918602&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.125.139 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-125-139.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 971a206bf302aee6432676d3c9fba27fd4b02e2524e0bb1cc3c3e639f3915d2c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
last-modified: Sun, 19 Mar 2023 21:55:18 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 19 Mar 2023 21:56:18 GMT

GET
H2 200 qbug.js Show response
storage.googleapis.com/customscripts/ 3 KB
3 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:803::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/customscripts/qbug.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e85425bd2e6b2f9e6214b358fe34dc87bb42551bbf11f253e96583c086d4f143

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:10:51 GMT
age: 2667
x-guploader-uploadid: ADPycdvIbI9szPUXly-G7-xwmDBdond3vRidr2-McmjuJS8MBSl5YLL3qi-jGbE-zKF2TlayR8L3P1aThftdx-Yx0t5sRFGX-Qiz
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3171
last-modified: Wed, 28 Sep 2022 13:11:35 GMT
server: UploadServer
etag: "ee80dc91df82c7ff8e0362286a3adc98"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1664370695347746
x-goog-hash: crc32c=2gPTNg==, md5=7oDckd+Cx/+OA2IoajrcmA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 3171
accept-ranges: bytes
expires: Sun, 19 Mar 2023 22:10:51 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/925b4fd4-a51e-4daa-a4dc-0bc3fa9e7208/ 50 KB
16 KB 50ms
10ms Script
text/javascript 52.222.214.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/925b4fd4-a51e-4daa-a4dc-0bc3fa9e7208/tag.min.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec3f85924617eeebdbd208b1dc4fd4b521c505e7d4235705ef0d9db7f78c05dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: XxDcRFOzHA0lasL5ZBkLZNq4IqLJfNWe
content-encoding: gzip
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
date: Sun, 19 Mar 2023 09:46:38 GMT
last-modified: Wed, 15 Mar 2023 09:46:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 43721
x-amz-server-side-encryption: AES256
etag: W/"7721f1d7c10a96f6f4829e5d937be6a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: oNIl9hcY3VjOPXK54XtwxdOhLggyKvJtCn1ZxgtgxzdzHd-m_XQPgg==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 222 KB
55 KB 74ms
10ms Script
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e2d56cece389641b16dea99088a149ade31ad4dd2a3864f501c729dac4543e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:03 GMT
content-encoding: gzip
via: 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 20:24:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 16
etag: W/"a7e0149ce78dcfe46a1b0656ebdcc903"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: OYJ26J0JKHMbynvdq1b2yl9ffBIT_LhXAbOHC64VCrL--5IvFeQZ9A==

GET
H2 200 publishertag.standalone.js Show response
static.criteo.net/js/ld/ 93 KB
31 KB 65ms
27ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.standalone.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3f73768613f925c342c620a9bcd75ed2c122048a54f092fae9fb73d7caff460e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-17514"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Mar 2023 21:55:18 GMT

GET
H2 200 default.js Show response
ups.xplosion.de/loader/10775/ 867 B
1 KB 118ms
29ms Script
text/javascript 54.195.112.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ups.xplosion.de/loader/10775/default.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.112.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-112-141.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d5f4c5bbbc157ab9adf6e30c766bf42de65fd31270c8f1c0dbdcee08816298f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 19 Mar 2023 21:55:18 GMT
cache-control: must-revalidate,no-cache,no-store
content-type: text/javascript
content-length: 867
p3p: CP="NOI DSP COR NID PSAo OUR SAMo BUS"

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 87ms
13ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e8cd4bf2f547eb60b69a54a5340d5feed5905e1e5ea0ef3d3aefe6a6c1523fe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
content-encoding: gzip
etag: "qnbLQo87mD/KmvsyZTIxlQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 26 Mar 2023 21:55:18 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 163ms
54ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92d284b69965dcae90d19a228e9e8af35d41e7a3c6e06574ebb0024e88f9cc23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27446
x-xss-protection: 0
server: sffe
etag: "1516 / 318 of 1000 / last-modified: 1679090949"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 19 Mar 2023 21:55:18 GMT

GET
H/1.1 200
OK /
b.delivery.consentmanager.net/delivery/info/ 43 B
353 B 20ms
20ms Image
image/gif 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.delivery.consentmanager.net/delivery/info/?id=55325&did=1&cfdid=1&t=pv.d_ccpans&h=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&o=1679262918740&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=5&dv=26&

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 Bergisch Gladbach, Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Mar 2023 21:55:18 GMT
Last-Modified: Sun, 19 Mar 2023 21:55:18 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 43
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK /
b.delivery.consentmanager.net/delivery/info/ 43 B
353 B 45ms
23ms Image
image/gif 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.delivery.consentmanager.net/delivery/info/?id=55325&did=1&cfdid=1&t=cv&h=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&o=1679262918743&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=5&dv=26&

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 Bergisch Gladbach, Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Mar 2023 21:55:18 GMT
Last-Modified: Sun, 19 Mar 2023 21:55:18 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 43
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK consent.php
b.delivery.consentmanager.net/delivery/ 43 B
1 KB 40ms
19ms Image
image/gif 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.delivery.consentmanager.net/delivery/consent.php?id=55325&p=2&v=1&ccc=aBPo6y_DgAAIAABAAGAA0AC4AGgAPAAjABKACgAHgAQABDgFPAsCBaIFGgAA&c=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA&l=EN&lv=0&d=1&ct=15&e=&h=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&e2=&e3=&i=&sv=5&dv=26&cookieallowed=1&reg=1&rk=GDPR&usps=1YNN

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 Bergisch Gladbach, Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Mar 2023 21:55:18 GMT
Last-Modified: Sun, 19 Mar 2023 21:55:18 GMT
x-cf: 0
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
x-ct: 2
x-r: GDPR
x-cpc: empty
x-cvc: empty
Content-Length: 43
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 cmplogo.svg
cdn.consentmanager.net/delivery/ 3 KB
2 KB 10ms
10ms Image
image/svg+xml 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.consentmanager.net/delivery/cmplogo.svg

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

3e19865caed6dbd12eacd00501eb4b382a1f0190df9cf2a8373d110bab7a47e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 19 Mar 2023 21:55:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 75507
x-77-nzt: AcO1qhFfH9j/8yYBAA
x-accel-expires: @1679273811
last-modified: Tue, 08 Feb 2022 14:38:46 GMT
server: CDN77-Turbo
etag: W/"62028076-d0f"
x-77-nzt-ray: 4c15622418892327c6841764065c512f
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400, public
access-control-max-age: 1000

GET
H2 200 en.gif
cdn.consentmanager.net/delivery/flags/ 384 B
892 B 11ms
11ms Image
image/gif 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.consentmanager.net/delivery/flags/en.gif

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 19 Mar 2023 21:55:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-cache: HIT
x-77-cache: HIT
x-age: 75499
content-length: 384
x-77-nzt: AcO1qhGnceL/6yYBAA
x-accel-expires: @1679273819
last-modified: Mon, 14 Jun 2021 21:37:37 GMT
x-accel-version: 0.01
server: CDN77-Turbo
etag: "180-5c4c0aa828a40"
x-77-nzt-ray: 4c15622418892327c6841764f932572f
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=86400, public
access-control-max-age: 1000
accept-ranges: bytes

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9947.9gNjWhe7-YjsnwWa0_N-9nTWgReXNQVhuisxtper6TSgI94TncxBUz6B8vByNi25.XFSdxj1CKJikxTXBddXVXu0PJSQ%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9947.53SDFH8F4DLDqPp5eSK3qFw1tIJkDS9PBfsEv4YXS4my5mBnJkc_jN5q3p7YwidvCWbAS5XPjhJbQ-EW8TAkk-_9cTzlFuQzPnBGwZ3LwYM%2C.uhftX_Hzt5m3mnMIl8TWvclBE30%2C

43 B
67 B

61ms
61ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9947.53SDFH8F4DLDqPp5eSK3qFw1tIJkDS9PBfsEv4YXS4my5mBnJkc_jN5q3p7YwidvCWbAS5XPjhJbQ-EW8TAkk-_9cTzlFuQzPnBGwZ3LwYM%2C.uhftX_Hzt5m3mnMIl8TWvclBE30%2C

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:19 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9947.53SDFH8F4DLDqPp5eSK3qFw1tIJkDS9PBfsEv4YXS4my5mBnJkc_jN5q3p7YwidvCWbAS5XPjhJbQ-EW8TAkk-_9cTzlFuQzPnBGwZ3LwYM%2C.uhftX_Hzt5m3mnMIl8TWvclBE30%2C
date: Sun, 19 Mar 2023 21:55:19 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
161 B 226ms
55ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:19 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Mar 2023 11:37:34 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6412d54e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 19 Mar 2023 22:55:19 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
971 B 52ms
8ms Fetch
application/json 18.66.112.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/925b4fd4-a51e-4daa-a4dc-0bc3fa9e7208/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-32.fra56.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 15:18:39 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront), 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6, FRA56-P5
age: 23799
x-amzn-requestid: 12e2ed7d-72b3-425d-8db8-cc018470d753
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: CCMoeFSZiYcFtqg=
content-length: 555
x-amz-cf-id: 6z2XW25Hhb_FSvSjYmZMN1s548IIhNbdhKiApG5dvN5hal_4wwyqQw==

GET
H2 200 beacon.min.js Show response
signal-beacon.s-onetag.com/ 22 KB
7 KB 74ms
9ms Script
application/javascript 18.173.233.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/925b4fd4-a51e-4daa-a4dc-0bc3fa9e7208/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-45.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: h0jfx2_ld0LSppgdK5454e6x8dlC_h3s
content-encoding: gzip
via: 1.1 c8dd4ffb54e69cebbc66c6d97c5c715e.cloudfront.net (CloudFront)
date: Sat, 18 Mar 2023 22:36:18 GMT
last-modified: Wed, 01 Mar 2023 12:13:37 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P3
age: 83941
x-amz-server-side-encryption: AES256
etag: W/"fd89ceeda84b55780ed4e8f97b752a7a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: HLTXRps8dH1z77xSThpujwnu9y44T2PR5gYJp6zIRsaaNuF1LoOCqg==

GET
H2 200 %2F Show response
signal-segments.s-onetag.com/desktop/www.weihnachtsgeschichten.net/ 161 B
472 B 48ms
11ms Fetch
application/json 13.224.189.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-segments.s-onetag.com/desktop/www.weihnachtsgeschichten.net/%2F
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/925b4fd4-a51e-4daa-a4dc-0bc3fa9e7208/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-70.fra2.r.cloudfront.net
Software: /
Resource Hash: 0d86518f2d6ab285faeb9049846f7f899be94b28c7d206c93dfe2347fd6bc094

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 11:41:38 GMT
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 36820
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
content-length: 161
apigw-requestid: CBs17hfziYcEPhw=
x-amz-cf-id: m83SAqgNjUb-NvWuTcP7wFZu9fl7fP7lJ6H6LUlhfzc1J8A_RkJaOA==

GET
H2 200 www.weihnachtsgeschichten.net Show response
signal-segments.s-onetag.com/desktop/ 161 B
474 B 46ms
9ms Fetch
application/json 13.224.189.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-segments.s-onetag.com/desktop/www.weihnachtsgeschichten.net
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/925b4fd4-a51e-4daa-a4dc-0bc3fa9e7208/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-70.fra2.r.cloudfront.net
Software: /
Resource Hash: 0d86518f2d6ab285faeb9049846f7f899be94b28c7d206c93dfe2347fd6bc094

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 11:41:38 GMT
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 36820
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
content-length: 161
apigw-requestid: CBs17jawCYcEMpQ=
x-amz-cf-id: ZZJEh3zNvjsbS6nnSUvzjh2LncObZxGP71TjvSeyap-XUALxwT9H2w==

POST
H2 200 cdb Show response
bidder.criteo.com/ 619 B
531 B 68ms
16ms XHR
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=77091417795

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

48ce601308d456c2e3bf4ab22a9e9a4c9be1474fe60880611dc7085df2b158bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.weihnachtsgeschichten.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.weihnachtsgeschichten.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 247

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 2D8E 85 KB
31 KB 64ms
7ms Script
text/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jgb2784y3bq3nyjz23ehqx186k116adjjk0em88j4n6ke657bhmgynws5fe4z9k13pt6aye3n48pf4d3v8q3c8rq5pbv9wgs7sqtc2f1hmmkzr9h2wjahxfgm2qcky6546ymx7pt1jj0mknmqcdyc4950n60jf56aksz621xt2ty15x7px58njkt58dtxzq4nykv0sq8qt6vcxdgeg7j21qwgx4ydnnxcrxn2x4a7cfkg4fzgr44bqabqcfebgdcj9k8%26a%3D&clickref=oneidxJGtQfAfwz6qUPHdHztDC657Xa7S4tRXaAoneid__weihnachtsgeschichten_advancedad_300x250&viewref=oneidjZAhEfGf8VjEUYHEH2t6tK693HZSDtYpH9oneid__weihnachtsgeschichten_advancedad_300x250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 00:43:21 GMT
content-encoding: gzip
via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 76318
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: nrLPsNey3ojhu87ATt-0S4F1rNGwvAD7-BGEfO44v8BFPmtm5v3uKw==

GET
H2 200 Logo120x90.jpg
cdn.track.production.webgains.team/294690/ Frame 2D8E 2 KB
3 KB 44ms
8ms Image
image/jpeg 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/294690/Logo120x90.jpg?Expires=1679263218&Signature=f~1rouwt6imHefEEmbO6wAfK3DGvqBa~udQmhuxQFqYR0XNnC~r5C0H4zafaST~TlGBrSNpeATss8Eexz7aqwhh5Of~6-n6Ox~onhb2wI5-KVdWtKW~QJqjBQFcP6gsBp9xX7KrAWnlcSoPVJr6WfvrSyZ-YBDU2I-BnLyPZMcielkCXn~iXpA97CAeGRffyxGkUMj1pHJc8mMlxMCiHSz9-0HF2UgMHbtfHBr9HRtIyVyTFg16PzuKorwcBtJYN0WXK0ZlQTGrfR3Uv0~AOShRVGmOEr~0CNv3HD3dV8xbLjRVEJMZnVcyHYfyGwpGgKjhnSGhe~mL1PorPQMlrUg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C321735%2C22451&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CjZAhEfGf8VjEUYHEH2t6tK693HZSDtYpH9%2CQ79C4fjfjMJCxH5HYtGt83Xc6S5tbJuV&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2CxJGtQfAfwz6qUPHdHztDC657Xa7S4tRXaA%2C2JDt6fqfwZWtVHWHktwCREbaxSgtbzug&c=300&d=250&e=&g=86774e1faccbe58f0f0d484467ce2336%2F927099821811586564&i=22886%2C110819%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1679262918602&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 19 Mar 2023 02:04:39 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified: Thu, 04 Aug 2022 13:56:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 71440
etag: "66da632e2658ba90a2b4863be372b9cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
accept-ranges: bytes
content-length: 2298
x-amz-cf-id: OnxUdSq2fdTBI6h-UbX-w4orHbHxoPmnUnxlYH6bBVFK51xHKTL1PQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 180 B
539 B 107ms
107ms XHR
application/json 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3371&u=https%3A%2F%2Fwww.weihnachtsgeschichten.net
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 8452bd0c54b786349447609934bd1810af8c5158d43786939a8cd46c24bc108e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.weihnachtsgeschichten.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 180
x-amz-cf-id: b6K_m3aib3Zu0hbPMrCws8CBkgG9elgLvY49Q9LwIdRc5IB4XVDw0A==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
473 B 160ms
114ms XHR
text/javascript 13.32.106.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3371&u=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&pid=cIJX02WkwW4Gy&cb=0&ws=1600x1200&v=23.313.1233&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-638071695011645892-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22800x250%22%2C%22900x250%22%5D%2C%22sn%22%3A%2227763518%2C22643469963%2FWEBarbyte_GbR%2Fweihnachtsgeschichten.net%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-638071695011645892-2%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%2227763518%2C22643469963%2FWEBarbyte_GbR%2Fweihnachtsgeschichten.net%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-638071695011645892-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x300%22%5D%2C%22sn%22%3A%2227763518%2C22643469963%2FWEBarbyte_GbR%2Fweihnachtsgeschichten.net%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-638071695011645892-4%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x300%22%5D%2C%22sn%22%3A%2227763518%2C22643469963%2FWEBarbyte_GbR%2Fweihnachtsgeschichten.net%2Fmobile%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-638071695011645892-6%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x300%22%2C%22320x50%22%2C%22320x75%22%2C%22320x100%22%2C%22320x150%22%2C%22320x480%22%5D%2C%22sn%22%3A%2227763518%2C22643469963%2FWEBarbyte_GbR%2Fweihnachtsgeschichten.net%2Fmobile%2Fpos1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-638071695011645892-7%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x300%22%2C%22320x50%22%2C%22320x75%22%2C%22320x100%22%2C%22320x150%22%2C%22320x480%22%5D%2C%22sn%22%3A%2227763518%2C22643469963%2FWEBarbyte_GbR%2Fweihnachtsgeschichten.net%2Fmobile%2Fpos2%22%7D%5D&gdpre=1&gdprc=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.106.197 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-106-197.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:19 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: AYEKXKVRWN1SN3E4Z69Q
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.weihnachtsgeschichten.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: yODSbOyuXdNZgrkberNWsXUoAIJ52ODUesNeo2AKtVmuYo4udjwcLQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 27ms
9ms XHR
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 11:41:39 GMT
x-amz-version-id: XEGmc9MeWOPeqjC.bMBvPzs7I4WH7xPz
content-encoding: gzip
via: 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 36820
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 03 Mar 2023 23:20:46 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: sjecUBhVzkmpPvzZvpB7lhoXIZFI5Za5sykWwOj-QyY8kUammP0w_w==

GET
H2 200 p.min.js Show response
cdn.xplosion.de/adp/profiling/0.3.1/ 6 KB
3 KB 38ms
10ms Script
application/javascript 2600:9000:2490:de00:e:29d5:db00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xplosion.de/adp/profiling/0.3.1/p.min.js
Requested by: Host: ups.xplosion.de
URL: https://ups.xplosion.de/loader/10775/default.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:de00:e:29d5:db00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ef0a56094a418694fbf1370c4b805a7df2a9787f9dab804d40a0ee24330bb40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: vnL7rOrPh7MFQ3dNiH3_yxdCIgCe6.HX
content-encoding: gzip
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
date: Sun, 19 Mar 2023 13:44:47 GMT
last-modified: Wed, 05 Jan 2022 15:58:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 29432
etag: W/"8cf378f0f178a23108ac158a07066a82"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: A3LN2WaqBcEneaKUHcPH-6lB9LJa3jVnms59bPd3JgH77VxZ1C2hoQ==

POST
H2 204 events
bidder.criteo.com/csm/ 0
230 B 15ms
14ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.weihnachtsgeschichten.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 19 Mar 2023 21:55:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.weihnachtsgeschichten.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 data Show response
ups.xplosion.de/ 1 KB
2 KB 32ms
32ms Script
text/javascript 54.195.112.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ups.xplosion.de/data?title=Weihnachtsgeschichten&hostSiteUrl=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&userAgent=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.64%20Safari%2F537.36&userLang=en-US&color=24&os=Win32&timezone=0&screen=1200x1600&event_id=page_view&gdpr=1&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA&gdpr_success=1&gdpr_path=v2&gdpr_is_ifr=false&gdpr_cmp_loc_1=false&gdpr_cmp_loc_2=true&gdpr_applies=1&gdpr_cmp_status=loaded&gdpr_event_status=tcloaded&_rfs=1&_sid=10775&_ver=0.3.1&_seg=jsonp&_=920609312282
Requested by: Host: cdn.xplosion.de
URL: https://cdn.xplosion.de/adp/profiling/0.3.1/p.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.112.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-112-141.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a5bd4dc6b6ce4b5fd25f90bba75bf8d154c328d2df04fcb6cba0282a89a55187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 19 Mar 2023 21:55:18 GMT
cache-control: must-revalidate,no-cache,no-store
p3p: CP="NOI DSP COR NID PSAo OUR SAMo BUS"
content-length: 1303
content-type: text/javascript

GET
H2 200 pubads_impl_2023031301.js Show response
securepubads.g.doubleclick.net/gpt/ 397 KB
134 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb7d39384f8a58e23c5e8c78b974aabb9cd28238d451301a12b43c321783fe6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 15:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24132
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136873
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 08:34:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 18 Mar 2024 15:13:06 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 540 B
307 B 117ms
45ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.weihnachtsgeschichten.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09ed923d66993acde12a25ce370b96c951c7c20e47b72d88c87ca5f52f9a4fd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 282
x-xss-protection: 0
expires: Sun, 19 Mar 2023 21:55:19 GMT

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 337ms
105ms Preflight 54.167.218.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.218.243 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-218-243.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.weihnachtsgeschichten.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Sun, 19 Mar 2023 21:55:19 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
461 B 106ms
106ms XHR
text/plain 54.167.218.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.218.243 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-218-243.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.weihnachtsgeschichten.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 19 Mar 2023 21:55:19 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 138ms
44ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.weihnachtsgeschichten.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 129ms
43ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.weihnachtsgeschichten.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 1637ms
1636ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=449831584202818&correlator=4044080114011825&eid=31073122%2C31073197&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA&gdpr=1&addtl_consent=1~7.1317.229.229.1575.2213.584.1033&us_privacy=1YNN&iu_parts=27763518%3A22643469963%2CWEBarbyte_GbR%2Cweihnachtsgeschichten.net&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C800x250%7C900x250&ifi=1&adks=3072894836&sfv=1-0-40&prev_scp=sovrn-viewability%3DNA%26sovrn-engagement%3DNA%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=Resolution%3D1600x1200%26URL%3Dhttps%253A%252F%252Fwww.weihnachtsgeschichten.net%252F%26Host%3Dwww.weihnachtsgeschichten.net%26Path%3D%252F%26wgskin%3Dja&sc=1&cookie_enabled=1&abxe=1&dt=1679262919153&lmt=1679262919&dlt=1679262918223&idt=888&adxs=0&adys=55&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&frm=20&vis=1&psz=830x0&msz=830x0&fws=4&ohw=1600&ga_vid=211563545.1679262919&ga_sid=1679262919&ga_hid=1970287641&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca1d1515036d76a7b8abd2ddc1630eb4ed571a16d9c926962a8ae1d3867d0b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7847
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.weihnachtsgeschichten.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 45 KB
11 KB 677ms
676ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=449831584202818&correlator=4044080114011825&eid=31073122%2C31073197&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA&gdpr=1&addtl_consent=1~7.1317.229.229.1575.2213.584.1033&us_privacy=1YNN&iu_parts=27763518%3A22643469963%2CWEBarbyte_GbR%2Cweihnachtsgeschichten.net&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C300x600&ifi=2&adks=1048596850&sfv=1-0-40&prev_scp=sovrn-viewability%3DNA%26sovrn-engagement%3DNA%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=Resolution%3D1600x1200%26URL%3Dhttps%253A%252F%252Fwww.weihnachtsgeschichten.net%252F%26Host%3Dwww.weihnachtsgeschichten.net%26Path%3D%252F%26wgskin%3Dja&sc=1&cookie_enabled=1&abxe=1&dt=1679262919159&lmt=1679262919&dlt=1679262918223&idt=888&adxs=497&adys=853&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&frm=20&vis=1&psz=333x40&msz=333x0&fws=4&ohw=1600&ga_vid=211563545.1679262919&ga_sid=1679262919&ga_hid=1970287641&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8356917409b761b961a70e097c8354f8b06cab040ab3b1ac5ea3c8bb917c933b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10998
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.weihnachtsgeschichten.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
15 KB 1326ms
1325ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=449831584202818&correlator=4044080114011825&eid=31073122%2C31073197&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA&gdpr=1&addtl_consent=1~7.1317.229.229.1575.2213.584.1033&us_privacy=1YNN&iu_parts=27763518%3A22643469963%2CWEBarbyte_GbR%2Cweihnachtsgeschichten.net&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=3&adks=1591707242&sfv=1-0-40&prev_scp=sovrn-viewability%3DNA%26sovrn-engagement%3DNA%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=Resolution%3D1600x1200%26URL%3Dhttps%253A%252F%252Fwww.weihnachtsgeschichten.net%252F%26Host%3Dwww.weihnachtsgeschichten.net%26Path%3D%252F%26wgskin%3Dja&sc=1&cookie_enabled=1&abxe=1&dt=1679262919162&lmt=1679262919&dlt=1679262918223&idt=888&adxs=497&adys=65&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&frm=20&vis=1&psz=333x40&msz=333x0&fws=4&ohw=1600&ga_vid=211563545.1679262919&ga_sid=1679262919&ga_hid=1970287641&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6a61f2863b9cb35239f4f604ccc3b59b4a6ea435d50ff52c13c23f75f7bceb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14836
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.weihnachtsgeschichten.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
14 KB 932ms
931ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=449831584202818&correlator=4044080114011825&eid=31073122%2C31073197&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA&gdpr=1&addtl_consent=1~7.1317.229.229.1575.2213.584.1033&us_privacy=1YNN&iu_parts=27763518%3A22643469963%2CWEBarbyte_GbR%2Cweihnachtsgeschichten.net&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=4&adks=3271140252&sfv=1-0-40&prev_scp=sovrn-viewability%3DNA%26sovrn-engagement%3DNA%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=Resolution%3D1600x1200%26URL%3Dhttps%253A%252F%252Fwww.weihnachtsgeschichten.net%252F%26Host%3Dwww.weihnachtsgeschichten.net%26Path%3D%252F%26wgskin%3Dja&sc=1&cookie_enabled=1&abxe=1&dt=1679262919166&lmt=1679262919&dlt=1679262918223&idt=888&adxs=497&adys=873&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&frm=20&vis=1&psz=333x40&msz=333x0&fws=4&ohw=1600&ga_vid=211563545.1679262919&ga_sid=1679262919&ga_hid=1970287641&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83e65478b263eea7a3b2c30e65ac048506aedc8883bd089fa6ee695f3e7fb71d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14796
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.weihnachtsgeschichten.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 993 B
506 B 1048ms
1047ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=449831584202818&correlator=4044080114011825&eid=31073122%2C31073197&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fif&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA&gdpr=1&addtl_consent=1~7.1317.229.229.1575.2213.584.1033&us_privacy=1YNN&iu_parts=27763518%3A22643469963%2CWEBarbyte_GbR%2Cweihnachtsgeschichten.net&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&adks=3607075237&sfv=1-0-40&ists=1&eri=1&cust_params=Resolution%3D1600x1200%26URL%3Dhttps%253A%252F%252Fwww.weihnachtsgeschichten.net%252F%26Host%3Dwww.weihnachtsgeschichten.net%26Path%3D%252F%26wgskin%3Dja&sc=1&cookie_enabled=1&abxe=1&dt=1679262919168&lmt=1679262919&dlt=1679262918223&idt=888&adxs=0&adys=9706&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&frm=20&vis=1&psz=830x41&msz=830x0&fws=4&ohw=1600&ga_vid=211563545.1679262919&ga_sid=1679262919&ga_hid=1970287641&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67b155541bd1a8fe1305b3912422422ba59cb7f711659c32b5d61c8da89d07a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 475
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.weihnachtsgeschichten.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3127 6 KB
3 KB 172ms
45ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weihnachtsgeschichten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 21:55:19 GMT
expires: Mon, 18 Mar 2024 21:55:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/67959763/
Redirect Chain

https://mc.yandex.com/watch/67959763?wmode=7&page-url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A236%3Afu%3A0%3Aen%3Autf-8%...
https://mc.yandex.com/watch/67959763/1?wmode=7&page-url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A236%3Afu%3A0%3Aen%3Autf-...

435 B
518 B

62ms
62ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/67959763/1?wmode=7&page-url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A236%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A203765363031%3Ahid%3A556347832%3Az%3A0%3Ai%3A20230319215518%3Aet%3A1679262919%3Ac%3A1%3Arn%3A32980943%3Arqn%3A1%3Au%3A1679262919781022788%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C55%2C1%2C61%2C0%2C%2C229%2C2%2C%2C%2C%2C393%3Aco%3A0%3Acpf%3A1%3Ans%3A1679262918080%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679262919%3At%3AWeihnachtsgeschichten&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f5f207bf4dace3a9496e9ffc6bfe94fe153cad4f0c5b88ee3406a1a9d9a8dec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 19-Mar-2023 21:55:19 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.weihnachtsgeschichten.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Sun, 19-Mar-2023 21:55:19 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:19 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 19-Mar-2023 21:55:19 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/67959763/1?wmode=7&page-url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A236%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A203765363031%3Ahid%3A556347832%3Az%3A0%3Ai%3A20230319215518%3Aet%3A1679262919%3Ac%3A1%3Arn%3A32980943%3Arqn%3A1%3Au%3A1679262919781022788%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C55%2C1%2C61%2C0%2C%2C229%2C2%2C%2C%2C%2C393%3Aco%3A0%3Acpf%3A1%3Ans%3A1679262918080%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679262919%3At%3AWeihnachtsgeschichten&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://www.weihnachtsgeschichten.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 19-Mar-2023 21:55:19 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame BDD4 15 KB
6 KB 139ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.weihnachtsgeschichten.net&gdpr=1&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.weihnachtsgeschichten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 21:55:18 GMT
server: Kestrel
server-processing-duration-in-ticks: 413540
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 51ms
51ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023031301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63c581dea98a400b708a36518e70da2958360040fcd40c8bf3cadc92025d8f67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11197
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9947.zH_ftRwc4_qDRQ0z3EGlsbpohDFVuOVO4qwAsA6nz0EZp9fir7iMEIyDkJm01piq.af66WQexb5mG5rw9L_5oP8LLSZM%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9947.lj5gl70RuIJFOORcSHNmfYUPXfFyeUJNOoHHeIUqLSQ7KCQ0jpqdmOsadmkIyHm7089jplO_Gd8KG4CBDxJAQpeM5jZkFwdpCUK8EuYq3NI%2C.7Iz2UHqjLvXW722k3x...

43 B
106 B

62ms
61ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9947.lj5gl70RuIJFOORcSHNmfYUPXfFyeUJNOoHHeIUqLSQ7KCQ0jpqdmOsadmkIyHm7089jplO_Gd8KG4CBDxJAQpeM5jZkFwdpCUK8EuYq3NI%2C.7Iz2UHqjLvXW722k3x1Il3tQj6I%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:19 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9947.lj5gl70RuIJFOORcSHNmfYUPXfFyeUJNOoHHeIUqLSQ7KCQ0jpqdmOsadmkIyHm7089jplO_Gd8KG4CBDxJAQpeM5jZkFwdpCUK8EuYq3NI%2C.7Iz2UHqjLvXW722k3x1Il3tQj6I%2C
date: Sun, 19 Mar 2023 21:55:19 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 150ms
60ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 21:55:19 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame BDD4
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=weihnachtsgeschichten.net&sn=ChromeSyncframe&so=0&topUrl=www.weihnachtsgeschichten.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=1nxa0nxSYVMxbVNpRzljc2xDbTJZUDQyQXVzZnRWc2F6ZGcrVEVGSzQ4Um50elkvZkVkN0JqTWw4MGpwNXhRUGRJYW53eDUwV1FOVTZJZnRzZEFqbHp2OERxS2lCdGlmRjVZTngyck9YanMxM0FqcHQrMUxRcHNxa05HME...

449 B
674 B

82ms
20ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=1nxa0nxSYVMxbVNpRzljc2xDbTJZUDQyQXVzZnRWc2F6ZGcrVEVGSzQ4Um50elkvZkVkN0JqTWw4MGpwNXhRUGRJYW53eDUwV1FOVTZJZnRzZEFqbHp2OERxS2lCdGlmRjVZTngyck9YanMxM0FqcHQrMUxRcHNxa05HMEpQcElDcjZvU1ZXMTVIODBvTi90ZURFdkVWcUxwZ2dSdjBMUXhpT21IZEozTnlaTWdqS1BwQzR1MGNqNktPREt6UlhSKzVKSkxDakdJRVNkSkFWeStZUjJUZ3N3aEErNGlqS3JzUDI4ZXdlS003a1ZZOUZuVEdrSFhDZkc4cWwxYzJLcCtSdTUrR2h6UDg5VzFVNWtydXFHTG9XOTJXRTVJQXRxWEJPaGh6VDl2WFhKLzg3UT18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e8be0bd4ea3b8221886f022679f767ae02b6e26732ad9646d2655a5bf98b67dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:19 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2828535
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=1nxa0nxSYVMxbVNpRzljc2xDbTJZUDQyQXVzZnRWc2F6ZGcrVEVGSzQ4Um50elkvZkVkN0JqTWw4MGpwNXhRUGRJYW53eDUwV1FOVTZJZnRzZEFqbHp2OERxS2lCdGlmRjVZTngyck9YanMxM0FqcHQrMUxRcHNxa05HMEpQcElDcjZvU1ZXMTVIODBvTi90ZURFdkVWcUxwZ2dSdjBMUXhpT21IZEozTnlaTWdqS1BwQzR1MGNqNktPREt6UlhSKzVKSkxDakdJRVNkSkFWeStZUjJUZ3N3aEErNGlqS3JzUDI4ZXdlS003a1ZZOUZuVEdrSFhDZkc4cWwxYzJLcCtSdTUrR2h6UDg5VzFVNWtydXFHTG9XOTJXRTVJQXRxWEJPaGh6VDl2WFhKLzg3UT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 356356
content-length: 0
expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E65F 13 KB
5 KB 40ms
38ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weihnachtsgeschichten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 108710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 15:43:29 GMT
expires: Sun, 17 Mar 2024 15:43:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 102E 783 B
1 KB 126ms
46ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e8f98033ab87674197a413dbf5f6664dc0e0b1370862f2b1a57f69a4c06277ec

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oPa5b3Rxs2Jybgkd-GURCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weihnachtsgeschichten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-oPa5b3Rxs2Jybgkd-GURCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 21:55:19 GMT
expires: Sun, 19 Mar 2023 21:55:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 2D8E 16 B
232 B 63ms
63ms Fetch
application/json 18.132.34.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.132.34.25 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-132-34-25.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 19 Mar 2023 21:55:19 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 112ms
19ms Preflight 18.132.34.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.34.25 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-34-25.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 19 Mar 2023 21:55:19 GMT
server: nginx

GET
H3 200 h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js Show response
pagead2.googlesyndication.com/bg/ Frame E65F 36 KB
14 KB 108ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b72bb230a3d085fedbcd93626ad07d8fab3a75cd623e8bd11254f2850e696e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 233484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14251
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 05:03:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 102E 0
0 97ms
69ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023031301&jk=449831584202818&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 62ms
22ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4852
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230037-FRA, cache-yyz4557-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeG3LrAJAtW%2F31encDgW%2FWqyjlyeqZCPZLm2BRKBsfRDA5nXjpdlXbwDD%2FqPULS%2Bqf4X4WSTX7aUS193QH8rlVzr0wjfB%2FiQUOJdZuhNhZv1JCx32PPaM3gJVAlXamDUQxX74S9H2Za6x4C9VCA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7aa8f5817b7f9bbf-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 46ms
19ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 Feb 2023 11:21:55 GMT
server: cloudflare
x-amz-request-id: 6MMRD07QTTVY5WE3
age: 2105
etag: W/"b988c8d91b8a22dcd50f129d3a9d67f1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7aa8f5816869904f-FRA
x-amz-id-2: 2raq5Jnx6oAX0Ycps1Kzff9dKV6lHrZYj85JjHi2+p+G7SpeSO3d8BOABFEkDiqsZaTPahc5GGY=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 17ms
17ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Mar 2023 21:55:19 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 36ms
7ms Script
text/javascript 2600:9000:2250:1800:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1800:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 19 Mar 2023 05:18:39 GMT
Via: 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 59801
ETag: "aded621b17723f487b3c9d0e43cf2f94"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: HkM8HbZLWrwwP-s75allSvXIOi9EJfj4s4uYNqxebXn3xLP__43pLQ==

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302271541000/ Frame 4A85 221 KB
61 KB 158ms
36ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae9552d446982cedbbeb56c92ec7461d79f2e7734efa66bd0633e095b12d645

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Mar 2023 23:52:06 GMT
age: 79394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61845
x-xss-protection: 0
server: sffe
etag: "4fba9ccee66ca96a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 17 Mar 2024 23:52:06 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 4A85 15 KB
5 KB 220ms
98ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46b2829524e1ffcfacb15998bbe38941bfbf6110ce8f028d8117efcdbd8273fb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Mar 2023 22:07:23 GMT
age: 172077
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5236
x-xss-protection: 0
server: sffe
etag: "cedf9691907d886d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 16 Mar 2024 22:07:23 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 4A85 94 KB
28 KB 223ms
101ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e76a81d16824d3288fd16917a64dd4ed831b530e14f9f9e37b56d014eb585f5e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Mar 2023 03:10:23 GMT
age: 153897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28954
x-xss-protection: 0
server: sffe
etag: "eb54a928dd76f593"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 17 Mar 2024 03:10:23 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 4A85 5 KB
2 KB 235ms
114ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58788a30af68f92836329a22bed11ee437cdcc310cc9697f53d7a06142ad1416

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Mar 2023 14:53:58 GMT
age: 111682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
server: sffe
etag: "aaf5c93962f41d5e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 17 Mar 2024 14:53:58 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 4A85 40 KB
13 KB 236ms
115ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b150d9b4151f7cd309c4c7808de642e3030efcdbc40f3bec35ae1c87e17b111a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Mar 2023 07:35:10 GMT
age: 138010
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12965
x-xss-protection: 0
server: sffe
etag: "2e1a930b1f14d060"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 17 Mar 2024 07:35:10 GMT

GET
DATA 200
OK truncated
/ Frame 4A85 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9212e302b2d7474c9140d979979fee46932b3d9336545817cd6e91e19c242730

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 15896074417414979158
tpc.googlesyndication.com/daca_images/simgad/ Frame 4A85 115 KB
115 KB 39ms
39ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15896074417414979158

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c23fc4f2ced8ee353c23e19ce32d0e880e3264d8c08dcfff9b370b3c45fe35d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 07:44:10 GMT
x-content-type-options: nosniff
age: 137469
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118046
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 06:21:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Mar 2024 07:44:10 GMT

GET
H3 200 de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4A85 3 KB
3 KB 56ms
54ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/de.png

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 19:41:47 GMT
x-content-type-options: nosniff
server: cafe
age: 8012
etag: 6601037253665971276
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2958
x-xss-protection: 0
expires: Mon, 20 Mar 2023 19:41:47 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4A85 295 B
319 B 42ms
40ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 22:54:35 GMT
x-content-type-options: nosniff
server: cafe
age: 82844
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 19 Mar 2023 22:54:35 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4A85 0
0 45ms
43ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQVo0wdGSra6y5ya0SUVZkZDAukL-JIc5S6i1t3ZzCp5SVZyCXVV_j58wwFeTpahWascL-oIll1g9qAymycaIkPV3pOrA
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4A85 0
0 86ms
85ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQD8zx4QXZMzuDf2TjuwPvNC9qAfQioXNb4-nnefhEdvZHhABIIL-phdgleKQgqAHoAGHg7_3A8gBAuACAKgDAcgDCKoEiQJP0FEOHy9gK5-8Fbgs9A25-KdT23Z6BaajH8U7GVytng1cGJgYzwrb7_rwLeCWGZjg6qKWn9i_f8Ebe6r5FCqDHfSVLsdajQ27qB6jZvnMMexlof5f8YhvQCfQoUCLrgly0UVu-nzrA3WqHkoRttA23wrZXylyi-dHVQJxBzgd9Uu9-Htr7ALFM43WowVrv_LPNW7EzsJxpk1HcbME-1ugBuZxcZuSui6ZFcuKaPQflaSZM4l_Al_t_-S3zQiqJNaEm8WItvWnpHUh2KZlK-CUba-5STvGQUBoRwg9wlVsC4qQdngMRwJAHKp51Arkqj5EeBBWxXEZc-g484em2Gi69JpGaFP-ZQvFwATmwYyl9APgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH1czHiAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxDwLtIIEgiA4YAQEAEYHTICqgI6A4DAA4AKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi05NDMxMjk4MDM1NTc5MjAwGLa4Ew&sigh=2vjJ4sTSarM&uach_m=[UACH]&cid=CAQSOwDUE5ym2Iyqc3Rj4vyNwRvt62lmqQIuYr5-z7mbXGamGc4f0BaPOmjEFCKrV4QGbzzHLrq1svlCma7XGAE
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
338 B 35ms
7ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.weihnachtsgeschichten.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.weihnachtsgeschichten.net
date: Sun, 19 Mar 2023 21:55:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E65F 0
10 B 47ms
46ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QocQog
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D056 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weihnachtsgeschichten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 21:55:19 GMT
expires: Mon, 18 Mar 2024 21:55:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4A85
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

139ms
49ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

date: Sun, 19 Mar 2023 21:55:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D056 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CaxXcx4QXZMjnMMOirAS74rTwCZuh27Fv6eiF8IsR29keEAEggv6mF2CV4pCCoAegAdXOnpUpyAEJqQLVYLTSw-axPuACAKgDAaoEhwJP0CNlrN04_XP5Ufb4lXAJWWpaddBIdge2BT6TLyeX7t45e-W-c4ci3wy3OROU0Fo2UqsJZfjW8DLRAMajuxN9pFnkp4bRkcz3HcPTYISX1u98JdBNUu_bU0_m-jAc39RdKpdAYW_oLBT-MDyZcAg2Yf8DHLjbcBC4X4VPLtgIMGrUSZy1MIFGwWMYE3JLa32tvIq_B3xa_tT5ZAPnEOWfNVismRioVIJC-g23xu_4a4M4nMa5Fah_lpdIJ2QhaSoi781Oc6g69kpt3crpepsqJ4J_uUlo8jasDFHDp9xLbTEzNUkgou86LEQBHvtdtEnS7Wx8yeZ--qMpngdjjrFkAJDCR_oUDcAE0pur7ZoE4AQBkgUECAQYAZIFBAgFGASgBhGAB9WG7_QDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ_8wJ0ggSCIDhgBAQARgdMgKqAjoDgMADgAoDyAsB2BMK0BUBgBcBshceChwIABIUcHViLTk0MzEyOTgwMzU1NzkyMDAYtrgT&sigh=X73ud_eE79Y&uach_m=[UACH]&cid=CAQSPADUE5ymNir65TDV9gEAMedOq21vnp39GYIgt2i-uAV8IvGjvVB4VPvEiBcztDmw3iInFjrykuIVadyDyxgB
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 / Show response
server.seadform.net/adfscript/ Frame D056 2 KB
2 KB 110ms
26ms Script
text/javascript 37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://server.seadform.net/adfscript/?bn=60351694;gdpr=1;gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA;OOBClickTrack=https://adclick.g.doubleclick.net/aclk?sa=l&ai=Cm5Zdx4QXZMjnMMOirAS74rTwCZuh27Fv6eiF8IsR29keEAEggv6mF2CV4pCCoAegAdXOnpUpyAEJqQLVYLTSw-axPuACAKgDAaoEigJP0CNlrN04_XP5Ufb4lXAJWWpaddBIdge2BT6TLyeX7t45e-W-c4ci3wy3OROU0Fo2UqsJZfjW8DLRAMajuxN9pFnkp4bRkcz3HcPTYISX1u98JdBNUu_bU0_m-jAc39RdKpdAYW_oLBT-MDyZcAg2Yf8DHLjbcBC4X4VPLtgIMGrUSZy1MIFGwWMYE3JLa32tvIq_B3xa_tT5ZAPnEOWfNVismRioVIJC-g23xu_4a4M4nMa5Fah_lpdIJ2QhaSoi781Oc6g69kpt3crpepsqJ4J_uUlo8jasDFHDp9xLbTFxN2iyIm_HG8X8fQ7do7x6gUx2ZOxQ4iGOezDiUQROLIgUlmID-Nl7w8AE0pur7ZoE4AQBoAYRgAfVhu_0A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBIIgOGAEBABGB0yAqoCOgOAwAOACgOYCwHICwGADAG4DAHYEwrQFQH4FgGAFwE&num=1&cid=CAQSPADUE5ymNir65TDV9gEAMedOq21vnp39GYIgt2i-uAV8IvGjvVB4VPvEiBcztDmw3iInFjrykuIVadyDyxgB&sig=AOD64_3sb5CCgeQGDofCeVrFkrMnGIBdVA&client=ca-pub-2442391371104067&adurl=

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3f08ef43ade3dd83085fe77ec5569f2ca9302d4f82ad4a7ed97af6200857b85b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1803
expires: -1

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame D056 36 KB
14 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7769cc22bb77a68446908cddbb26700d20bb85afdaa36b2c426c7e50cb4ffb1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:15:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14334
x-xss-protection: 0
server: cafe
etag: 5297926946848428567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:15:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame D056 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 15:43:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 15:43:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame D056 20 KB
8 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:07:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D056 0
0 46ms
44ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_MSSiD37QTvZLUYtPf1h3UBtkB_egdoUo4uAJlCxW2d1nDJoh_pujE8LI-awzOFE2CtFSgbKkBVhQhTD7ilU-elymAQ
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D056 158 KB
49 KB 142ms
47ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Mar 2023 21:55:20 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame D056 22 KB
9 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:08:28 GMT

GET
H2 200 bootstrap.js Show response
s1.seadform.net/stoat/626/s1.seadform.net/ Frame D056 34 KB
16 KB 183ms
28ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.seadform.net/stoat/626/s1.seadform.net/bootstrap.js
Requested by: Host: server.seadform.net
URL: https://server.seadform.net/adfscript/?bn=60351694;gdpr=1;gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA;OOBClickTrack=https://adclick.g.doubleclick.net/aclk?sa=l&ai=Cm5Zdx4QXZMjnMMOirAS74rTwCZuh27Fv6eiF8IsR29keEAEggv6mF2CV4pCCoAegAdXOnpUpyAEJqQLVYLTSw-axPuACAKgDAaoEigJP0CNlrN04_XP5Ufb4lXAJWWpaddBIdge2BT6TLyeX7t45e-W-c4ci3wy3OROU0Fo2UqsJZfjW8DLRAMajuxN9pFnkp4bRkcz3HcPTYISX1u98JdBNUu_bU0_m-jAc39RdKpdAYW_oLBT-MDyZcAg2Yf8DHLjbcBC4X4VPLtgIMGrUSZy1MIFGwWMYE3JLa32tvIq_B3xa_tT5ZAPnEOWfNVismRioVIJC-g23xu_4a4M4nMa5Fah_lpdIJ2QhaSoi781Oc6g69kpt3crpepsqJ4J_uUlo8jasDFHDp9xLbTFxN2iyIm_HG8X8fQ7do7x6gUx2ZOxQ4iGOezDiUQROLIgUlmID-Nl7w8AE0pur7ZoE4AQBoAYRgAfVhu_0A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBIIgOGAEBABGB0yAqoCOgOAwAOACgOYCwHICwGADAG4DAHYEwrQFQH4FgGAFwE&num=1&cid=CAQSPADUE5ymNir65TDV9gEAMedOq21vnp39GYIgt2i-uAV8IvGjvVB4VPvEiBcztDmw3iInFjrykuIVadyDyxgB&sig=AOD64_3sb5CCgeQGDofCeVrFkrMnGIBdVA&client=ca-pub-2442391371104067&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ef491bc1ef4ccbe91a7b8ffe027a5d372e59133c6a22cc8c5f881c61009f0fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 03 Feb 2023 15:31:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
72ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023031301&jk=449831584202818&bg=!x8SlxJDNAAZEjmHWZI47ADkAdvg8WusLk7kB8jU2maIRuWTg01Vhr-m2yfTiVzAWxJlrMPPLvK8o8QGUWI8HwV8e13zQTv5BldECAAAAflIAAAACaAEHmQKnm91xwgxdFMEs5CNkW1lBwVFzESsIDR_cpLJ9Rh9Vdbrdx0nPUPfxD_YyJocGOJTLSBoksq4bDs2gDelE2IWC7Q_HaoIQ7BVaomdzmSlYotdq06uhaeVLzxEl_dIvL73nR8zrp9iCvelWEtnABxhy7TexsvntYypEXLZr9yXDs9iJtOmea5GxIyDp6RjnDYX3lANTPX8mEYDTnzQ-YceBUteFI6zRhFw6P759Rn3LDQKHXK5q5-gjyh21idARb3U-dnVI-WQ5nChs6_9trwJsHZcpvH3SoLU4AVfiEnInxaM0srVNUIFIBr_msqAcRhpryGgK0jbEeBC4IRiauzmcB3lXvF6DI9q43mlKaEcwaFNbymh2v4dxAGlvJmqx9Uc-DiTtGWkHc4SuPnQWYow20RJhvQYIzzReZLiaDJGYVe8MpeHc2Y_pWopRRZqdIW6whB-AXs7Dkg1KqO-lDooglavzU8RTCVL2QVBcKs3QNcEOSapOMnkJ5lmdrbFTQ9LeM1Jkh5Oe5UDIu6Qz2XZY8yhabk69IUNIdjWdoiMM0pgiR3yIWfAPY84OjI26BCfcgtaVsviTCq4Se31pYnPZFW6_BVeDBSctTc_gpPgTUhU0sbMy2Zh5oaoqR8T5kYuwLm6DadscKnK3oXsljWNaCxwuCk8-vAHE3vHcOyzISat4bVicPrM3_23YYv5MvFyN8ZNgrpZXc_39Ud-ipHRAyxiXGx7J5_zXmLbHxgul1Cl5Poyipwpll32lGdDqIZnG3o6y2-R9Oefyi4FbS0voeUVfy-S4KOyEb-AF2Nju-eQJXA8HtvyXDZzeKj1y-2dXJX88wjrDUmNQolIBMfefbB9YLPNG5XfZcmwcoxwlmirDGKnNO5ZMx929OI21d-kxq4PtN7qBWw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 container.html Show response
32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BB98 6 KB
3 KB 36ms
36ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weihnachtsgeschichten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 21:55:19 GMT
expires: Mon, 18 Mar 2024 21:55:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
server.seadform.net/adfserve/ Frame D056 12 KB
4 KB 27ms
26ms Script
text/javascript 37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://server.seadform.net/adfserve/?CC=1&bn=60351694;gdpr=1;gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA;oobclicktrack=https%3a%2f%2fadclick.g.doubleclick.net%2faclk%3fsa%3dl%26ai%3dCm5Zdx4QXZMjnMMOirAS74rTwCZuh27Fv6eiF8IsR29keEAEggv6mF2CV4pCCoAegAdXOnpUpyAEJqQLVYLTSw-axPuACAKgDAaoEigJP0CNlrN04_XP5Ufb4lXAJWWpaddBIdge2BT6TLyeX7t45e-W-c4ci3wy3OROU0Fo2UqsJZfjW8DLRAMajuxN9pFnkp4bRkcz3HcPTYISX1u98JdBNUu_bU0_m-jAc39RdKpdAYW_oLBT-MDyZcAg2Yf8DHLjbcBC4X4VPLtgIMGrUSZy1MIFGwWMYE3JLa32tvIq_B3xa_tT5ZAPnEOWfNVismRioVIJC-g23xu_4a4M4nMa5Fah_lpdIJ2QhaSoi781Oc6g69kpt3crpepsqJ4J_uUlo8jasDFHDp9xLbTFxN2iyIm_HG8X8fQ7do7x6gUx2ZOxQ4iGOezDiUQROLIgUlmID-Nl7w8AE0pur7ZoE4AQBoAYRgAfVhu_0A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBIIgOGAEBABGB0yAqoCOgOAwAOACgOYCwHICwGADAG4DAHYEwrQFQH4FgGAFwE%26num%3d1%26cid%3dCAQSPADUE5ymNir65TDV9gEAMedOq21vnp39GYIgt2i-uAV8IvGjvVB4VPvEiBcztDmw3iInFjrykuIVadyDyxgB%26sig%3dAOD64_3sb5CCgeQGDofCeVrFkrMnGIBdVA%26client%3dca-pub-2442391371104067%26adurl%3d;js=1;adfxid=1x;8326;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.weihnachtsgeschichten.net

Requested by

Host: s1.seadform.net
URL: https://s1.seadform.net/stoat/626/s1.seadform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8e89916f673d1f4ba2ba11d5a7f1c15f50bcb52f19825c8a8e7b0f134f151d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3702
expires: -1

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BB98 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cf2NGyIQXZNOeC8-SjuwP0NmbqAuopOewb-abv4aDEdvZHhABIIL-phdgleKQgqAHoAHVzp6VKcgBCakC1WC00sPmsT7gAgCoAwGqBIcCT9A6sR2YB33UdbZ3SpP5Aw2hG6DYkYHa1IYbrmEkMR91Um3q9-aIgsDbxELebGkzFz9PPvELTYnCOw6qv0AcnoriiaTyPPg81j2U8FFhOLmQXK9DDTZ5YWRJ4Dnta-9d8qHMjPm47SvvKBNkaGFPD1nJaQ60VbJJszzXM5F1wnI2hOSJiUGfvjD4UhwB2CyTXQhT5mmZpt3MxggiTQ7PtQnOR5ne2Wz5qNA7PYIKHfjR1LU8b3TEpNSlarAqYCsufd-_0dufl03nYO-pJxAKZasSoZhp3dV4uI5UYi41NnUSc2yZ6jtCLhVpKYquCdnb_-WtY63n_wAtjPmBZFQ1ncECQZO5mgbABLL7-LiiBOAEAZIFBAgEGAGSBQQIBRgEoAYRgAfVhu_0A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMGECtIIEgiA4YAQEAEYHTICqgI6A4DAA4AKA8gLAdgTCtAVAYAXAbIXHgocCAASFHB1Yi05NDMxMjk4MDM1NTc5MjAwGLa4Ew&sigh=TwIn630_1jU&uach_m=[UACH]&cid=CAQSPADUE5ymOZv0jHskI5xIxSUiFCcMiNML7ZEA8M16IcbkZUbJd5hsB2Ii6HZqg3TZEhRyjJhsudJtsR3mHBgB
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 / Show response
server.seadform.net/adfscript/ Frame BB98 2 KB
2 KB 27ms
26ms Script
text/javascript 37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://server.seadform.net/adfscript/?bn=60356159;gdpr=1;gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA;OOBClickTrack=https://adclick.g.doubleclick.net/aclk?sa=l&ai=CSUBhyIQXZNOeC8-SjuwP0NmbqAuopOewb-abv4aDEdvZHhABIIL-phdgleKQgqAHoAHVzp6VKcgBCakC1WC00sPmsT7gAgCoAwGqBIoCT9A6sR2YB33UdbZ3SpP5Aw2hG6DYkYHa1IYbrmEkMR91Um3q9-aIgsDbxELebGkzFz9PPvELTYnCOw6qv0AcnoriiaTyPPg81j2U8FFhOLmQXK9DDTZ5YWRJ4Dnta-9d8qHMjPm47SvvKBNkaGFPD1nJaQ60VbJJszzXM5F1wnI2hOSJiUGfvjD4UhwB2CyTXQhT5mmZpt3MxggiTQ7PtQnOR5ne2Wz5qNA7PYIKHfjR1LU8b3TEpNSlarAqYCsufd-_0dufl03nYO-pJxAKZasSoZhp3dV4uI5UYi41NnUSMW64eO37n3TRmOlbic4uV4mNaQDt0Rj5ElDg3MeAt-0al0IhjfMZylTABLL7-LiiBOAEAaAGEYAH1Ybv9AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggSCIDhgBAQARgdMgKqAjoDgMADgAoDmAsByAsBgAwBuAwB2BMK0BUB-BYBgBcB&num=1&cid=CAQSPADUE5ymOZv0jHskI5xIxSUiFCcMiNML7ZEA8M16IcbkZUbJd5hsB2Ii6HZqg3TZEhRyjJhsudJtsR3mHBgB&sig=AOD64_0WUeddQJXYWhe0XuX5lMIPgujwSQ&client=ca-pub-2442391371104067&adurl=

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

808f27afd86ad8a6f766247686c65b7e2ca4d40ef35853ea282f0d9c9d8b7ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1793
expires: -1

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame BB98 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7769cc22bb77a68446908cddbb26700d20bb85afdaa36b2c426c7e50cb4ffb1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:15:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14334
x-xss-protection: 0
server: cafe
etag: 5297926946848428567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:15:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame BB98 3 KB
1 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 15:43:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 15:43:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame BB98 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:07:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BB98 0
0 44ms
43ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTabmw0OHrhvHAIkjK3TrBCJ7IXLkfoplovd6bxahx1VdTxUpQzNSTaAw5nSYlr25slRhwFh4hst8I2YOslwkyUz_qbRQ
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BB98 158 KB
48 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Mar 2023 21:55:20 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame BB98 22 KB
9 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:08:28 GMT

GET
DATA 200
OK truncated
/ Frame D056 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7488bcf22df3aa695cf68e32b27e7600796120bc50cfd79b87ddd7e9d0150a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bootstrap.js Show response
s1.seadform.net/stoat/626/s1.seadform.net/ Frame BB98 34 KB
16 KB 34ms
33ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.seadform.net/stoat/626/s1.seadform.net/bootstrap.js
Requested by: Host: server.seadform.net
URL: https://server.seadform.net/adfscript/?bn=60356159;gdpr=1;gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA;OOBClickTrack=https://adclick.g.doubleclick.net/aclk?sa=l&ai=CSUBhyIQXZNOeC8-SjuwP0NmbqAuopOewb-abv4aDEdvZHhABIIL-phdgleKQgqAHoAHVzp6VKcgBCakC1WC00sPmsT7gAgCoAwGqBIoCT9A6sR2YB33UdbZ3SpP5Aw2hG6DYkYHa1IYbrmEkMR91Um3q9-aIgsDbxELebGkzFz9PPvELTYnCOw6qv0AcnoriiaTyPPg81j2U8FFhOLmQXK9DDTZ5YWRJ4Dnta-9d8qHMjPm47SvvKBNkaGFPD1nJaQ60VbJJszzXM5F1wnI2hOSJiUGfvjD4UhwB2CyTXQhT5mmZpt3MxggiTQ7PtQnOR5ne2Wz5qNA7PYIKHfjR1LU8b3TEpNSlarAqYCsufd-_0dufl03nYO-pJxAKZasSoZhp3dV4uI5UYi41NnUSMW64eO37n3TRmOlbic4uV4mNaQDt0Rj5ElDg3MeAt-0al0IhjfMZylTABLL7-LiiBOAEAaAGEYAH1Ybv9AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggSCIDhgBAQARgdMgKqAjoDgMADgAoDmAsByAsBgAwBuAwB2BMK0BUB-BYBgBcB&num=1&cid=CAQSPADUE5ymOZv0jHskI5xIxSUiFCcMiNML7ZEA8M16IcbkZUbJd5hsB2Ii6HZqg3TZEhRyjJhsudJtsR3mHBgB&sig=AOD64_0WUeddQJXYWhe0XuX5lMIPgujwSQ&client=ca-pub-2442391371104067&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ef491bc1ef4ccbe91a7b8ffe027a5d372e59133c6a22cc8c5f881c61009f0fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 03 Feb 2023 15:31:32 GMT

GET
H2 200 Standard Show response
s1.seadform.net/stoat/626/s1.seadform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame D056 90 KB
39 KB 34ms
34ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.seadform.net/stoat/626/s1.seadform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.seadform.net
URL: https://s1.seadform.net/stoat/626/s1.seadform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 03 Feb 2023 16:00:19 GMT

GET
H2 200 / Show response
server.seadform.net/adfserve/ Frame BB98 9 KB
5 KB 27ms
26ms Script
text/javascript 37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://server.seadform.net/adfserve/?bn=60356159;gdpr=1;gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA;oobclicktrack=https%3a%2f%2fadclick.g.doubleclick.net%2faclk%3fsa%3dl%26ai%3dCSUBhyIQXZNOeC8-SjuwP0NmbqAuopOewb-abv4aDEdvZHhABIIL-phdgleKQgqAHoAHVzp6VKcgBCakC1WC00sPmsT7gAgCoAwGqBIoCT9A6sR2YB33UdbZ3SpP5Aw2hG6DYkYHa1IYbrmEkMR91Um3q9-aIgsDbxELebGkzFz9PPvELTYnCOw6qv0AcnoriiaTyPPg81j2U8FFhOLmQXK9DDTZ5YWRJ4Dnta-9d8qHMjPm47SvvKBNkaGFPD1nJaQ60VbJJszzXM5F1wnI2hOSJiUGfvjD4UhwB2CyTXQhT5mmZpt3MxggiTQ7PtQnOR5ne2Wz5qNA7PYIKHfjR1LU8b3TEpNSlarAqYCsufd-_0dufl03nYO-pJxAKZasSoZhp3dV4uI5UYi41NnUSMW64eO37n3TRmOlbic4uV4mNaQDt0Rj5ElDg3MeAt-0al0IhjfMZylTABLL7-LiiBOAEAaAGEYAH1Ybv9AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggSCIDhgBAQARgdMgKqAjoDgMADgAoDmAsByAsBgAwBuAwB2BMK0BUB-BYBgBcB%26num%3d1%26cid%3dCAQSPADUE5ymOZv0jHskI5xIxSUiFCcMiNML7ZEA8M16IcbkZUbJd5hsB2Ii6HZqg3TZEhRyjJhsudJtsR3mHBgB%26sig%3dAOD64_0WUeddQJXYWhe0XuX5lMIPgujwSQ%26client%3dca-pub-2442391371104067%26adurl%3d;js=1;adfxid=2x;3575;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.weihnachtsgeschichten.net

Requested by

Host: s1.seadform.net
URL: https://s1.seadform.net/stoat/626/s1.seadform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

018d6b450cc3ae3bf35408ba85c28477fbe447712cab1c27b9706cab61ad6961

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 4538
expires: -1

GET
DATA 200
OK truncated
/ Frame BB98 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 693af62775c857891bb8a97b203739bfba49fcc138d215c587f07d267e28ff3c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 /
server.seadform.net/csimpr/ Frame D056 35 B
626 B 26ms
26ms Ping
image/gif 37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://server.seadform.net/csimpr/?bn=60351694&csi=qgIJRLKJXKFVh4ulGEd2tsfXwk7vZ1H81O6mjrKjRY3ZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.seadform.net
URL: https://s1.seadform.net/stoat/626/s1.seadform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 12294849.js Show response
s1.seadform.net/Banners/Elements/Files/2139170/12294849/ Frame DE4C 57 KB
17 KB 31ms
31ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12294849/12294849.js?ADFassetID=12294849&bv=514
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41f396f423602132a4c289ee6d72b9b6cce06d30bd350924d86287e35f445d91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 09:34:49 GMT
server: nginx
x-amz-request-id: tx0000006b9ef9a175b5910-006413a3a0-32957db0-default
etag: W/"dee1028117b4c1d7dc9e9ef8c22d3831"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 Standard Show response
s1.seadform.net/stoat/626/s1.seadform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame BB98 90 KB
39 KB 34ms
33ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.seadform.net/stoat/626/s1.seadform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.seadform.net
URL: https://s1.seadform.net/stoat/626/s1.seadform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 03 Feb 2023 16:00:19 GMT

GET
H2 200 Adform.DHTML.js Show response
s1.seadform.net/banners/scripts/rmb/ Frame DE4C 30 KB
14 KB 32ms
32ms Script
application/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.seadform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.seadform.net
URL: https://s1.seadform.net/stoat/626/s1.seadform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 12:02:22 GMT
server: nginx
x-amz-request-id: tx00000f5158cc2df4646e5-0063765d94-329354d9-default
etag: W/"4731aef0a5114a59b4311776d270e848"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

POST
H2 200 /
server.seadform.net/csimpr/ Frame BB98 35 B
626 B 26ms
26ms Ping
image/gif 37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://server.seadform.net/csimpr/?bn=60356159&csi=M4HYSyXR6kLPnovOVFAWB1x8BTKzsDsM5Pqe2Zgsj4LZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.seadform.net
URL: https://s1.seadform.net/stoat/626/s1.seadform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 container.html Show response
32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B00F 6 KB
3 KB 37ms
35ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js?cb=31073122

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weihnachtsgeschichten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 21:55:19 GMT
expires: Mon, 18 Mar 2024 21:55:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 12170212.js Show response
s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/ Frame 040C 66 KB
17 KB 30ms
30ms Script
application/x-javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/12170212.js?ADFassetID=12170212&bv=516
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 12fa5cdfd04f7d2158ad7978ecca641764655ed6e4f4b7b49ce166ab2f2a3758

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: gzip
last-modified: Mon, 19 Dec 2022 12:37:06 GMT
server: nginx
x-amz-request-id: tx000009b4b18e1d1734229-00641689fb-32957dc9-default
etag: W/"205da1a871b70d743f45082dd2c4475e"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 pflichttext.png
s1.seadform.net/Banners/Elements/Files/2139170/12294849/bvpath_514/ Frame DE4C 300 B
629 B 27ms
26ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12294849/bvpath_514/pflichttext.png
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2cd0c180b2b9e97370057dcc73a7fdd8957b37d6faeee0465c8e074fa160cf11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
last-modified: Tue, 24 Jan 2023 09:34:49 GMT
server: nginx
x-amz-request-id: tx000004f8e04402b3b52b2-006416bf22-32953090-default
etag: "f02bf7023d82f989ac2c9f8db0194277"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 300

GET
H2 200 branding.png
s1.seadform.net/Banners/Elements/Files/2139170/12294849/bvpath_514/ Frame DE4C 1 KB
1 KB 29ms
28ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12294849/bvpath_514/branding.png
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4dad3f839dd5628cacfa843b665dc6c6346ccc358b685f298056b8ca151c4aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
last-modified: Tue, 24 Jan 2023 09:34:49 GMT
server: nginx
x-amz-request-id: tx00000b06d64adfa26e674-006413a307-32957db0-default
etag: "e1205a8756b28fb34ca41b2c5173b19c"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1059

GET
H2 200 button.png
s1.seadform.net/Banners/Elements/Files/2139170/12294849/bvpath_514/ Frame DE4C 736 B
1 KB 30ms
28ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12294849/bvpath_514/button.png
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: c363db8ff8891786c268808aab4ed7933f4ae1a7a63070845aa990e41bde51cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
last-modified: Tue, 24 Jan 2023 09:34:49 GMT
server: nginx
x-amz-request-id: tx00000cbdbb3a95a750d17-006416b2d8-32957db0-default
etag: "4a1b1e56769bd1d5f53993395e802a52"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 736

GET
H2 200 text04.png
s1.seadform.net/Banners/Elements/Files/2139170/12294849/bvpath_514/ Frame DE4C 4 KB
4 KB 30ms
29ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12294849/bvpath_514/text04.png
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5377a498b12bcd216802b834509a0af1a425b386c2941e214c0c0be49136f0b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
last-modified: Tue, 24 Jan 2023 09:34:49 GMT
server: nginx
x-amz-request-id: tx0000071d484d7276a2826-006416a791-3295a5be-default
etag: "576babb9f050df1034ae4f62700594e7"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3776

GET
H2 200 text03.png
s1.seadform.net/Banners/Elements/Files/2139170/12294849/bvpath_514/ Frame DE4C 1 KB
2 KB 31ms
29ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12294849/bvpath_514/text03.png
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: facd5c0df5edcdc0288322243ef346f438dfc5fc2f85acc3d2cbd8165d741e78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
last-modified: Tue, 24 Jan 2023 09:34:49 GMT
server: nginx
x-amz-request-id: tx00000095ea8e725cb5308-006413a307-32953090-default
etag: "23eb4b0f2df769261078757eb7be62ec"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1219

GET
H2 200 motiv02.jpg
s1.seadform.net/Banners/Elements/Files/2139170/12294849/bvpath_514/ Frame DE4C 9 KB
9 KB 33ms
31ms Image
image/jpeg 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12294849/bvpath_514/motiv02.jpg
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: fb0a147d1e9bd8aa4a6bc95c555953297d283e0361a4618cc92e78314c30c6b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
last-modified: Tue, 24 Jan 2023 09:34:49 GMT
server: nginx
x-amz-request-id: tx00000756a8f2a7811e277-006416bf22-32957db0-default
etag: "49540126699187b0f039f417a3c77366"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9107

GET
H2 200 text02.png
s1.seadform.net/Banners/Elements/Files/2139170/12294849/bvpath_514/ Frame DE4C 4 KB
4 KB 34ms
33ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12294849/bvpath_514/text02.png
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b14baeba70173dafeb5a20211edfd4b9382eac3ab5bfa619858a8ddb2db9566c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
last-modified: Tue, 24 Jan 2023 09:34:49 GMT
server: nginx
x-amz-request-id: tx00000b1831c33e757864d-006413a307-3295a5be-default
etag: "56d0737c49e91790f4e35211e75144d4"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3751

GET
H2 200 text01.png
s1.seadform.net/Banners/Elements/Files/2139170/12294849/bvpath_514/ Frame DE4C 4 KB
4 KB 34ms
33ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12294849/bvpath_514/text01.png
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 57e4fcf332c781bb9d2c51e7f730a27e394ccf8e06552033c8204417ebfc5f8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
last-modified: Tue, 24 Jan 2023 09:34:49 GMT
server: nginx
x-amz-request-id: tx0000055c89b88f3956f30-006416b318-32957db0-default
etag: "955f449a4439fc61ea55e30131501d83"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4008

GET
H2 200 motiv01.jpg
s1.seadform.net/Banners/Elements/Files/2139170/12294849/bvpath_514/ Frame DE4C 22 KB
22 KB 38ms
37ms Image
image/jpeg 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12294849/bvpath_514/motiv01.jpg
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9e2dda87f17264190a31cc9531266bbef219db884866b524abfb298a336833a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
last-modified: Tue, 24 Jan 2023 09:34:49 GMT
server: nginx
x-amz-request-id: tx0000016f95abd3d838c7e-006416bf22-32957db0-default
etag: "a246ac44e429ad06872ea51509872bcc"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22048

GET
H2 200 Adform.DHTML.js Show response
s1.seadform.net/banners/scripts/rmb/ Frame 040C 30 KB
14 KB 37ms
36ms Script
application/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.seadform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.seadform.net
URL: https://s1.seadform.net/stoat/626/s1.seadform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 12:02:22 GMT
server: nginx
x-amz-request-id: tx00000f5158cc2df4646e5-0063765d94-329354d9-default
etag: W/"4731aef0a5114a59b4311776d270e848"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C7D8 2 KB
543 B 56ms
54ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYrdT4xgEwAQ&v=APEucNV-Y25NWXmxSrIxsLNu3-L_RSlCuR_iRbB4yyvkmRaz3xB1EbE8EzYzwW_3-7mAUVszxx3uKNkv-7i0j8K05dq40XeVCap4q5UnJoL8txHsO3WpOoTabC52w-vu3K9OmIuZb9K-n4kJnF4nS8lXGqxLfLUMtnyqyWv_WnKzvERWS2QSyeXToRDN2acZiPHSaJMnkUCbDcBST3zNWJuV8NMemHZuESbGaUW5J91enrQOvEHTvpNWo1WeSL2mCGIpjXpi8H7QKkTeHGwhn-f8jGx-nQQxfjJDBZmEx4cpkIaHCSXozu5U8FcojYmw599tMKY98kuN-e1hQh9J72UJ1nYsQ46RfzQy51R1agIIby9hTZsjrUhqBNufJ8PqI410a7zwY--KdWPUYjwveIHOc5C7hPK7s4hzXEvDzLAoe0vOx3XXL7aLH6ObnDCIhDAkV105EwcmsgpPEKne2N72z_a0SA6CoKCIXtDUZz81m2hpbODUDaMqxBMyGZ9vPoYQiqDJbtzdP1q4xgUVu3YR1tpd0P2rPepUb7BgndRwAOaxn3HPcg3ale-rssZRiVdNXHo8JjsLtmZ1JG7CwoBY8c6WCoQUqFsjJIfLNfkUIjjIiX0AMbKy6JN3VolQ1WPHdcCeFGvbbrsJdy714jsCfPjrwzdh3Nf8eOQTV06KyuNgnHRQBODXhYjITp17L7QrOkHQMqDTB5INm-dJ9LsKefcTYYpFrJLPo1v1VlHoP1tS_VPiUcE

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d7bc9b39ae4a336f68035f2a7d555d525024a310e1393e77f670ec1db800434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 523
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 21:55:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B00F 78 KB
27 KB 75ms
72ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 21:55:20 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B00F 42 B
63 B 71ms
69ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D-V9ihWIK0tU_9JgX0q5gdC8PKapaTW14aYyt878rOx48BiixqgWT2QNyes2XU_ztLkIuvgGqCCyeKcBQ9cWCMyglO7tvXr0vIE406zX6eTaPWa5A

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B00F 0
20 B 70ms
69ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2325256619168759569&x=1&ct=76

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame B00F 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 15:43:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 15:43:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame B00F 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 18:07:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B00F 158 KB
48 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Mar 2023 21:55:20 GMT

GET
H2 200 pflichttext.png
s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/bvpath_516/ Frame 040C 342 B
671 B 26ms
26ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/bvpath_516/pflichttext.png
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 88dec8ad867811fd155084b66e26775ca40e1565f53f5cf8f73d22fda91ec25d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
last-modified: Mon, 19 Dec 2022 12:37:06 GMT
server: nginx
x-amz-request-id: tx00000750e54c22b858663-00641689fb-32957dc9-default
etag: "97d4eb3fd5e9ebabed5de40d077acfac"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 342

GET
H2 200 branding.png
s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/bvpath_516/ Frame 040C 2 KB
2 KB 27ms
25ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/bvpath_516/branding.png
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0db6afabea66afcd07082caaba10bcb24cbae5898cc09814e1272c4f4344166b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
last-modified: Mon, 19 Dec 2022 12:37:06 GMT
server: nginx
x-amz-request-id: tx00000a42f097c0775e771-00641689fb-3295cdcc-default
etag: "91f20bbdf767f34691f094f53e67a575"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2067

GET
H2 200 button.png
s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/bvpath_516/ Frame 040C 701 B
1 KB 30ms
28ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/bvpath_516/button.png
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 72e42a24769b4b43b7dafaa7c9e2a8985a172347823a44ad740b1b39dad13210

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
last-modified: Mon, 19 Dec 2022 12:37:06 GMT
server: nginx
x-amz-request-id: tx00000fd20d31cf788b329-00641689fb-329530c7-default
etag: "4d8fbc0fc424548c54d7e74e350de839"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 701

GET
H2 200 text04.png
s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/bvpath_516/ Frame 040C 2 KB
2 KB 30ms
29ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/bvpath_516/text04.png
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 48947b7b416354878784f179507f0a1ff89d9fc0792a2a6cc74cf54fb434cd65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
last-modified: Mon, 19 Dec 2022 12:37:06 GMT
server: nginx
x-amz-request-id: tx0000037f25a073020995a-00641689fb-329530c7-default
etag: "118d034d269f4195920e1d5d7ce5e6e8"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1604

GET
H2 200 text03.png
s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/bvpath_516/ Frame 040C 1 KB
2 KB 31ms
29ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/bvpath_516/text03.png
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 956ea70795362caa0187b62693e699abe204033ad9bbd4158f30219a76de0d29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
last-modified: Mon, 19 Dec 2022 12:37:06 GMT
server: nginx
x-amz-request-id: tx000009da1089677f3ec3b-00641689fb-329530c7-default
etag: "0503557a273504d776bee1ead0faa474"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1307

GET
H2 200 motiv02.jpg
s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/bvpath_516/ Frame 040C 16 KB
16 KB 34ms
32ms Image
image/jpeg 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/bvpath_516/motiv02.jpg
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2d3e6fd5e5a5a11ab8b89f7f11db6d6671289fc47b72d07fc3f72029898d6b9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
last-modified: Mon, 19 Dec 2022 12:37:06 GMT
server: nginx
x-amz-request-id: tx00000f6b0ac42b73be38b-00641689fb-32957db0-default
etag: "b95b29f8bc0b4b225ffeab1b52a78e0a"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 16340

GET
H2 200 text02.png
s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/bvpath_516/ Frame 040C 2 KB
2 KB 34ms
33ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/bvpath_516/text02.png
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 166d8aee3094ec0d0fedc2db462e8583bb3fdfe13670fcee9012dbbd5313cea2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
last-modified: Mon, 19 Dec 2022 12:37:06 GMT
server: nginx
x-amz-request-id: tx00000189b9d3a3e70bd4d-00641689fb-32953090-default
etag: "7ffaa97ebeaef3bf8e2147b2542c98fe"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1939

GET
H2 200 text01a.png
s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/bvpath_516/ Frame 040C 2 KB
2 KB 35ms
34ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/bvpath_516/text01a.png
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: da04867749692cf4c35407addf8d96775a495d5ada998f38248ecc7c5e085f04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
last-modified: Mon, 19 Dec 2022 12:37:06 GMT
server: nginx
x-amz-request-id: tx00000aa7b5f39e966f0d3-00641689fb-329530c7-default
etag: "487076ed4573434872f03bbe9ba5f534"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1955

GET
H2 200 motiv01.jpg
s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/bvpath_516/ Frame 040C 25 KB
25 KB 37ms
36ms Image
image/jpeg 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.seadform.net/Banners/Elements/Files/2139170/12170212/main/bvpath_516/motiv01.jpg
Requested by: Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6b22116369a4bf07f69ceccd63521a839b8a343c83329ae0184fcd1c6a80c62e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:20 GMT
last-modified: Mon, 19 Dec 2022 12:37:06 GMT
server: nginx
x-amz-request-id: tx00000dcb4036de9cdbaab-00641689fb-3295a5be-default
etag: "ad9a4c46aef83d4f72b8dc57e19cb197"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25280

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C7D8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=1&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAk...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKfphAupdfQkL7PtOEt5gd8&google_cver=1&gdpr=1&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyAC...

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKfphAupdfQkL7PtOEt5gd8&google_cver=1&gdpr=1&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA&addtl_consent=1~584.1033
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYrdT4xgEwAQ&v=APEucNV-Y25NWXmxSrIxsLNu3-L_RSlCuR_iRbB4yyvkmRaz3xB1EbE8EzYzwW_3-7mAUVszxx3uKNkv-7i0j8K05dq40XeVCap4q5UnJoL8txHsO3WpOoTabC52w-vu3K9OmIuZb9K-n4kJnF4nS8lXGqxLfLUMtnyqyWv_WnKzvERWS2QSyeXToRDN2acZiPHSaJMnkUCbDcBST3zNWJuV8NMemHZuESbGaUW5J91enrQOvEHTvpNWo1WeSL2mCGIpjXpi8H7QKkTeHGwhn-f8jGx-nQQxfjJDBZmEx4cpkIaHCSXozu5U8FcojYmw599tMKY98kuN-e1hQh9J72UJ1nYsQ46RfzQy51R1agIIby9hTZsjrUhqBNufJ8PqI410a7zwY--KdWPUYjwveIHOc5C7hPK7s4hzXEvDzLAoe0vOx3XXL7aLH6ObnDCIhDAkV105EwcmsgpPEKne2N72z_a0SA6CoKCIXtDUZz81m2hpbODUDaMqxBMyGZ9vPoYQiqDJbtzdP1q4xgUVu3YR1tpd0P2rPepUb7BgndRwAOaxn3HPcg3ale-rssZRiVdNXHo8JjsLtmZ1JG7CwoBY8c6WCoQUqFsjJIfLNfkUIjjIiX0AMbKy6JN3VolQ1WPHdcCeFGvbbrsJdy714jsCfPjrwzdh3Nf8eOQTV06KyuNgnHRQBODXhYjITp17L7QrOkHQMqDTB5INm-dJ9LsKefcTYYpFrJLPo1v1VlHoP1tS_VPiUcE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Mar 2023 21:55:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKfphAupdfQkL7PtOEt5gd8&google_cver=1&gdpr=1&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA&addtl_consent=1~584.1033
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 790
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C7D8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=1&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhA...
https://dsum-sec.casalemedia.com/rrum?addtl_consent=1~584.1033&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3DCPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX...
https://cm.g.doubleclick.net/pixel?gdpr=1&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQE...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKfphAupdfQkL7PtOEt5gd8&google_cver=1&gdpr=1&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyAC...

43 B
766 B

14ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKfphAupdfQkL7PtOEt5gd8&google_cver=1&gdpr=1&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYrdT4xgEwAQ&v=APEucNV-Y25NWXmxSrIxsLNu3-L_RSlCuR_iRbB4yyvkmRaz3xB1EbE8EzYzwW_3-7mAUVszxx3uKNkv-7i0j8K05dq40XeVCap4q5UnJoL8txHsO3WpOoTabC52w-vu3K9OmIuZb9K-n4kJnF4nS8lXGqxLfLUMtnyqyWv_WnKzvERWS2QSyeXToRDN2acZiPHSaJMnkUCbDcBST3zNWJuV8NMemHZuESbGaUW5J91enrQOvEHTvpNWo1WeSL2mCGIpjXpi8H7QKkTeHGwhn-f8jGx-nQQxfjJDBZmEx4cpkIaHCSXozu5U8FcojYmw599tMKY98kuN-e1hQh9J72UJ1nYsQ46RfzQy51R1agIIby9hTZsjrUhqBNufJ8PqI410a7zwY--KdWPUYjwveIHOc5C7hPK7s4hzXEvDzLAoe0vOx3XXL7aLH6ObnDCIhDAkV105EwcmsgpPEKne2N72z_a0SA6CoKCIXtDUZz81m2hpbODUDaMqxBMyGZ9vPoYQiqDJbtzdP1q4xgUVu3YR1tpd0P2rPepUb7BgndRwAOaxn3HPcg3ale-rssZRiVdNXHo8JjsLtmZ1JG7CwoBY8c6WCoQUqFsjJIfLNfkUIjjIiX0AMbKy6JN3VolQ1WPHdcCeFGvbbrsJdy714jsCfPjrwzdh3Nf8eOQTV06KyuNgnHRQBODXhYjITp17L7QrOkHQMqDTB5INm-dJ9LsKefcTYYpFrJLPo1v1VlHoP1tS_VPiUcE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Mar 2023 21:55:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKfphAupdfQkL7PtOEt5gd8&google_cver=1&gdpr=1&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 761
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame C7D8 170 B
232 B 146ms
50ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=1&gdpr_consent=CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA&addtl_consent=1~584.1033

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYrdT4xgEwAQ&v=APEucNV-Y25NWXmxSrIxsLNu3-L_RSlCuR_iRbB4yyvkmRaz3xB1EbE8EzYzwW_3-7mAUVszxx3uKNkv-7i0j8K05dq40XeVCap4q5UnJoL8txHsO3WpOoTabC52w-vu3K9OmIuZb9K-n4kJnF4nS8lXGqxLfLUMtnyqyWv_WnKzvERWS2QSyeXToRDN2acZiPHSaJMnkUCbDcBST3zNWJuV8NMemHZuESbGaUW5J91enrQOvEHTvpNWo1WeSL2mCGIpjXpi8H7QKkTeHGwhn-f8jGx-nQQxfjJDBZmEx4cpkIaHCSXozu5U8FcojYmw599tMKY98kuN-e1hQh9J72UJ1nYsQ46RfzQy51R1agIIby9hTZsjrUhqBNufJ8PqI410a7zwY--KdWPUYjwveIHOc5C7hPK7s4hzXEvDzLAoe0vOx3XXL7aLH6ObnDCIhDAkV105EwcmsgpPEKne2N72z_a0SA6CoKCIXtDUZz81m2hpbODUDaMqxBMyGZ9vPoYQiqDJbtzdP1q4xgUVu3YR1tpd0P2rPepUb7BgndRwAOaxn3HPcg3ale-rssZRiVdNXHo8JjsLtmZ1JG7CwoBY8c6WCoQUqFsjJIfLNfkUIjjIiX0AMbKy6JN3VolQ1WPHdcCeFGvbbrsJdy714jsCfPjrwzdh3Nf8eOQTV06KyuNgnHRQBODXhYjITp17L7QrOkHQMqDTB5INm-dJ9LsKefcTYYpFrJLPo1v1VlHoP1tS_VPiUcE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C7D8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwOTIzMDA0ODg3NjIxNjU2MA%3D%3D

170 B
409 B

76ms
45ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwOTIzMDA0ODg3NjIxNjU2MA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 19 Mar 2023 21:55:20 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.194; 185.213.155.194; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 873e1ae8-18d7-4126-80f0-fcfd30370b13
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwOTIzMDA0ODg3NjIxNjU2MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B00F 0
20 B 69ms
69ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2489881876890&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B00F 0
20 B 69ms
69ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2489881876890&version=m202301230201&ct=76&x=1&cor=2325256619168760000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B00F 88 KB
36 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ac4bXXA6Yh1bWaSjaT4v3Z4JzKzsgTJEwNksr5_qO-HFlARrzgGXH3XeXa3QvaDHN5udzkZlnMyzoJSiJqXNJZ80l5jKyLxtSiE-SuBCT3lr35_kvcC5V02IASrnXGSHETwG3hIX71ZrjT6uai2dXL7Yo3a4PX5JsyDxzjuwXy1xMbUzI&dbm_d=AKAmf-DzjsKM1IjorY5mhHpersgK2_bDD7YYfnA-3b-LCoDVN-2ZAK2mkmYfdyPi8WoJB9C4pwB1W05hxUvRKVWWC_p2Znb-YFyGprJpy6xQtEHbAwVavjec2iOjZSDKuhnT7_8iwi-j_hOu_4PNUzXU1vTpZhNQ-Vit-JZ0EuFtiHEEZXLEZRht-1IOdGQQiJXDoyl-eEShvQfC-qi732iYEGY1chl5XB8p6XX-nIUqu1cZdBAYQFk0snKPzOAnaqFm1RxupwaSc34sZjupjS0bXyMKz1Qqyog2NYL2vzOu3CkZR9hcbkcl-voyq_gwwPZDlHMy-Flm3fNOgor_0Pl1iSn6KfMOYiZx4nkp8WCTqAtoo6Lj1F3ncnyAyIqdGkxuVZ_1EyQcJ1PtL8i0e9s-c2k1nbwOBC-oVkuMCesT31JtzTNjyQRImLSgkKytLYjJYOYKz8q9urc_wHWPsMKSFpjJA1D4rvZKVKVeOUkXSS_KEgShWZzJz3lip7ZWxxlaOBa4kwm4Fluulzc6r84C8vy9hYSD2jSRLQTiYO9t9uk8jGdzXbthYJQCBTotb9jjrGxrInfXuCOMDnE-z-Dq1DbIK6Q5_29RCNFBjXdHDQrsieFMqbDoDrP1dmfYdi3Eq_OgV9TLLwHMOvTAU95FHZvrPefZ2X7XiJH2ERrM8rZTTqwekA-ggHNu5IetJIlguPtfKrpzcMbJhRLL6XhOuHuyHBsJi3o8UiGkectVkcplAl9nHkXlAWX68FENe5KlO9aYuhRd_xNNTjBaUVxVSqN_n7lQkF89y_1qkRySB3bEhnu5GJSQLn2KDc_VdhvT_wLlCvG_QarGAq9-yzs5xRkutFEnhBFY33QVn4CGu4Kta6AeL3MonHaAXmuPa2CauFdDRADnQ4oP--oy0wkHzzLvPdDN75StRoMElxVmoYnJ4ErCFClbEvemDzW8gW1BPOFKNnb5CoMB22KKr-W1nG1uXVnX2IYq-hF2y0rqT2EeeSQv29H1m75LfetYe35mGv1wx77_h7-0Msjg_oxD77ycIAp4R0wqAbBcRsFPioeINxwTRB0jiH0mZxd8LvA_6Mv5MiEo4Ykh-qhtNOGe1OVitEZ-rB6Gds80bndvPPrGXpTy6zKpvgaOUoDFn4D-JfGLTvHfTPq1nhMZDJ6TzNCzP57Ktkm4kF6qfYsj9eIm3cstXSftFSUklonNITBc37RLkHf4rahhiZqQNpLq5n7hgXRTYcwS7yNQnpqY1qn9o-XjhNuzrFwzUIDmH3W-dCP5F3WqhG_3NSn9esdCD4FFoJTW-327m0Lo2jMDJbc6ZOjAiBpXcwabjlqQiPEhYopBXZ4N7dm5ATDxC46xg-gJyZ6dHHIMgY_UKxy561CzXqB4HjgOpSY55e3j0Zxh2EBSNZtmo8pDdTD9_i72stzPwbLplv8FKVQsHUoqSB8KW8sxN5s3HpfD0m7_DXx_F89ctfJyXhWBfboNKPXsDEqIF3uuBA75GYPo9mlp9HsUs4IIvq3ask1ILtQt8TttM5AzjfCCzwSnYoRla6_M8bI3ewr9hOPdWpUZtRcuAuo2H7JJG5CGGES4ULxt2GleoTfL2qQYcYQxqESHakec5rgGtlWjjsXu9ksufq0eyY5asM9dZoM9H-ErKqmJNGa3k3Q42rw78zrMcDhr-BdQWQY2cmK2aa2Xv-0w9g2IV-sJ7bSWFPsXHY3LDxdkX_lw_KV-tYOeNHybaldVSj6aOTG1Csrm7Vn6tw6cy_9K-htoGeoYzz17gpJxe5A6muq5o6kkUODvWh0Z7kQrmG6gw8bNqMzA6gRL1et-C5E-2uhzA-C0RuwrHOIRU0gqX-8TPR1K7IDSROPQLmwDu5v1w3tKJk88M5V1pZWsjz__kBZyZbhmBZ2fyCpewiXbq6nSIoleS_QD8UGs3s5JXTuoIFnDNL9ZJdVMDyeWQitYPztDZOpcnNP5bYTPrumDmHS9MvSqhF8HHASvwJwQlyKi56b8wV0ynUyPYDPBbIFmkEo_A8r-JMuEdjY_ADFi9LFLRxxcHFsopRrcwDJR5doODmrYK4-c6n95m9CHNoX3wGcOaXpsWJZSOfFE0tAXUG7vE1CiaLRgnWXsOtHh69ugZOmhdcY7FAnzSoGJzPetrK3-O_Ti6eNkIdQvz0kUML8E4z49UJ6afrx_OE8O8fhLhtMm-5bV1bgRkHhzT4E01h4OIsdDv7mXR9rEKi3AsYMex84dj3Pfn-tWi4FgwEs67lJUav0o0m4ucMpodfsx2Xwp7ft3cI76RX-JWgvYLyqFl-zNKrO-gyM_Yz_Ehn19YGNbXPZDiM1oBJjh4kTaHSx_6vMLln9SIEUPIO3WpHofaNYiS8MJDAeQjpKqJvORtRPQmkA1TKBWaJ4CHQhm4dratd7hlxgnt6UienLDqVEr69tpvhP3Rbn153mqDJKOxkcIHkHgDe3puqVqhrW_fJShYKgd82SxyBlTyblAaE_W3grrII2h9p3WFIuyrJKdo-2hWQw_jT11QhnIll66gtipjqz7vteG7ot-3JwafNH8HqZv89jpwmJWZ4qkJO7S0UqEj2me70Vq-xu9b9BUyQRSDun5E9GXTnBgwjgxzm8sBuccX3iGEHsaMMorunygGj9xp_2MhijzTHWING-jdVHoqY38Z2-3g-U3OG7Bgb8dCzBn0nGSaoaagEEouFpuVxHx7q_1cDjxcyX1ZwaBPVCrtt5KbkcvnuQdwldCtgOWBxX3Z6CZfXBeYBjR20feWJJjidsbCpNtxZ-i9mLOgtKMRhhmQh_Fbu5IlXvM6Zu-fpQzzWKIfEa4p53lA0VvlRcmgkzwUV2liU-irwRQQ_UozyLeICFOOaxRA33UeEov4Hu9yGYm79v6KUcP4T-Jto3qc3vItjQhxPGWynbt4STWcqspDN_Uq0FLgN7izgTxUWOeJrKk8fZ-p4vjCnDJcYDS_GcyYj7AH2NiS7g0RtaNDA9h4ZZNeetVmf5tJHdexPQl6JPyGXSiIS-YR6ad53PloMiRj45CZCtx1v0Vft_foXnwGGqwfllKG92lmlsqmQDMxVfJNcF9eTrsc_nsFob12UvWWAxuOpmsjNetIOPtp8-LgeJrDIrfwQxFPxelGRs3sX7lHEGYCsd6aXFz-tAJ0OL7USvTMnEev-DdaBassSSuB9be9I5a8P4lQ3e15-mU87YGMLMSoP_Glnu744lUPuODuCN_MgYoXDKmhBwMqgYpoATTFFFZzVNJwxWL5NpjyabL0X7pEWJCJsp1EFEWkm20d5IdVDcVqXGvDrFTeci8tqOB3mejYR7WAGm_t_aaV20rslBOSma-qHjSpyri8Bjem5c_vidlTr6XQYexmYI_szmqRUpH3VblmdbMFUydDekOS58nIqi40onf6Ei8BpARmpbAP8IRjourGR6UNREc9RAv0RZsI6EM49gH25gDn1Y-z90j4zKGrkjw0UyZ57r5NZdxCJFuMqs-M5FZ_Te9fbParMkZhQlNye3dAVvMIBAPOXXR-pleP-fMH59thUiqFQTJvavDl0K8gLD4YCYaVnOpsg6c18XdVijGvmV-kyrR0VsHfebzfiF-3bzQ3kU-EWJNHa_ku2WU1q3eCD_O5PhdnGtiaoDnN-vxHR2rKMp7EeKlgaffYql193aqkWUYNV_VgPvgbbZ9YzU8FyTUgkig4Qo1pd3u6G953PD2JdH6Q40B9W55emFcr6pUiRSJ1e8Hn-KpLT5HwVR8lT4QK76cYmu3sWCZhF5n8KOY0CZCDittd2phZe2FvDghSDWfQwDDgwcc4dztl8W60RRKR3u9MBZHPQii4gPIaA9Dzjgvy-N19FnEuZ2OJdarAJRGw4jKQT5kIAYM3SVR-QmjkZq5ZZH-6RIEkAVpVAo6zQJ-UvcKGZZ6eU_Dv2GUZ1s2dH10EfQGRxEVbMg2eJZ79AmrFfPVx6VMUde0a6df5hvO6inxMgYhmrE77OOmHfFPDUKVkSAV_EMRXqHQcc4n2hjERZyX3FnTTmYW8KTQi0k2J63fhUXk0C7aecyvVUuuIsOLnoHq5NXgdHePAG37SMiGmCM9DvkhXGI_HrQZE94tvRZDZM5xG4zN6tYfCfgRxp8x6kRlqVfxgdt4CmxF0Js&cid=CAQSPADUE5ymS9Rx18oIaGyfFGaBMX9cqE3Kw5WRWXTMhzBRDkEq1jruPZkIelTdlaP4ztByI70q9CXJE9xzDBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&ds=l&xdt=1&iif=1&cor=2325256619168760000&adk=4188270525&idt=97&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f89765d3d7243cc2347d922ff9a4b328740228cff1b901f3685086578b77d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37017
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame B00F 170 KB
59 KB 129ms
35ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
Origin: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 07:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Mar 2023 07:15:46 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/elements/html/ Frame B00F 11 KB
4 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ac4bXXA6Yh1bWaSjaT4v3Z4JzKzsgTJEwNksr5_qO-HFlARrzgGXH3XeXa3QvaDHN5udzkZlnMyzoJSiJqXNJZ80l5jKyLxtSiE-SuBCT3lr35_kvcC5V02IASrnXGSHETwG3hIX71ZrjT6uai2dXL7Yo3a4PX5JsyDxzjuwXy1xMbUzI&dbm_d=AKAmf-DzjsKM1IjorY5mhHpersgK2_bDD7YYfnA-3b-LCoDVN-2ZAK2mkmYfdyPi8WoJB9C4pwB1W05hxUvRKVWWC_p2Znb-YFyGprJpy6xQtEHbAwVavjec2iOjZSDKuhnT7_8iwi-j_hOu_4PNUzXU1vTpZhNQ-Vit-JZ0EuFtiHEEZXLEZRht-1IOdGQQiJXDoyl-eEShvQfC-qi732iYEGY1chl5XB8p6XX-nIUqu1cZdBAYQFk0snKPzOAnaqFm1RxupwaSc34sZjupjS0bXyMKz1Qqyog2NYL2vzOu3CkZR9hcbkcl-voyq_gwwPZDlHMy-Flm3fNOgor_0Pl1iSn6KfMOYiZx4nkp8WCTqAtoo6Lj1F3ncnyAyIqdGkxuVZ_1EyQcJ1PtL8i0e9s-c2k1nbwOBC-oVkuMCesT31JtzTNjyQRImLSgkKytLYjJYOYKz8q9urc_wHWPsMKSFpjJA1D4rvZKVKVeOUkXSS_KEgShWZzJz3lip7ZWxxlaOBa4kwm4Fluulzc6r84C8vy9hYSD2jSRLQTiYO9t9uk8jGdzXbthYJQCBTotb9jjrGxrInfXuCOMDnE-z-Dq1DbIK6Q5_29RCNFBjXdHDQrsieFMqbDoDrP1dmfYdi3Eq_OgV9TLLwHMOvTAU95FHZvrPefZ2X7XiJH2ERrM8rZTTqwekA-ggHNu5IetJIlguPtfKrpzcMbJhRLL6XhOuHuyHBsJi3o8UiGkectVkcplAl9nHkXlAWX68FENe5KlO9aYuhRd_xNNTjBaUVxVSqN_n7lQkF89y_1qkRySB3bEhnu5GJSQLn2KDc_VdhvT_wLlCvG_QarGAq9-yzs5xRkutFEnhBFY33QVn4CGu4Kta6AeL3MonHaAXmuPa2CauFdDRADnQ4oP--oy0wkHzzLvPdDN75StRoMElxVmoYnJ4ErCFClbEvemDzW8gW1BPOFKNnb5CoMB22KKr-W1nG1uXVnX2IYq-hF2y0rqT2EeeSQv29H1m75LfetYe35mGv1wx77_h7-0Msjg_oxD77ycIAp4R0wqAbBcRsFPioeINxwTRB0jiH0mZxd8LvA_6Mv5MiEo4Ykh-qhtNOGe1OVitEZ-rB6Gds80bndvPPrGXpTy6zKpvgaOUoDFn4D-JfGLTvHfTPq1nhMZDJ6TzNCzP57Ktkm4kF6qfYsj9eIm3cstXSftFSUklonNITBc37RLkHf4rahhiZqQNpLq5n7hgXRTYcwS7yNQnpqY1qn9o-XjhNuzrFwzUIDmH3W-dCP5F3WqhG_3NSn9esdCD4FFoJTW-327m0Lo2jMDJbc6ZOjAiBpXcwabjlqQiPEhYopBXZ4N7dm5ATDxC46xg-gJyZ6dHHIMgY_UKxy561CzXqB4HjgOpSY55e3j0Zxh2EBSNZtmo8pDdTD9_i72stzPwbLplv8FKVQsHUoqSB8KW8sxN5s3HpfD0m7_DXx_F89ctfJyXhWBfboNKPXsDEqIF3uuBA75GYPo9mlp9HsUs4IIvq3ask1ILtQt8TttM5AzjfCCzwSnYoRla6_M8bI3ewr9hOPdWpUZtRcuAuo2H7JJG5CGGES4ULxt2GleoTfL2qQYcYQxqESHakec5rgGtlWjjsXu9ksufq0eyY5asM9dZoM9H-ErKqmJNGa3k3Q42rw78zrMcDhr-BdQWQY2cmK2aa2Xv-0w9g2IV-sJ7bSWFPsXHY3LDxdkX_lw_KV-tYOeNHybaldVSj6aOTG1Csrm7Vn6tw6cy_9K-htoGeoYzz17gpJxe5A6muq5o6kkUODvWh0Z7kQrmG6gw8bNqMzA6gRL1et-C5E-2uhzA-C0RuwrHOIRU0gqX-8TPR1K7IDSROPQLmwDu5v1w3tKJk88M5V1pZWsjz__kBZyZbhmBZ2fyCpewiXbq6nSIoleS_QD8UGs3s5JXTuoIFnDNL9ZJdVMDyeWQitYPztDZOpcnNP5bYTPrumDmHS9MvSqhF8HHASvwJwQlyKi56b8wV0ynUyPYDPBbIFmkEo_A8r-JMuEdjY_ADFi9LFLRxxcHFsopRrcwDJR5doODmrYK4-c6n95m9CHNoX3wGcOaXpsWJZSOfFE0tAXUG7vE1CiaLRgnWXsOtHh69ugZOmhdcY7FAnzSoGJzPetrK3-O_Ti6eNkIdQvz0kUML8E4z49UJ6afrx_OE8O8fhLhtMm-5bV1bgRkHhzT4E01h4OIsdDv7mXR9rEKi3AsYMex84dj3Pfn-tWi4FgwEs67lJUav0o0m4ucMpodfsx2Xwp7ft3cI76RX-JWgvYLyqFl-zNKrO-gyM_Yz_Ehn19YGNbXPZDiM1oBJjh4kTaHSx_6vMLln9SIEUPIO3WpHofaNYiS8MJDAeQjpKqJvORtRPQmkA1TKBWaJ4CHQhm4dratd7hlxgnt6UienLDqVEr69tpvhP3Rbn153mqDJKOxkcIHkHgDe3puqVqhrW_fJShYKgd82SxyBlTyblAaE_W3grrII2h9p3WFIuyrJKdo-2hWQw_jT11QhnIll66gtipjqz7vteG7ot-3JwafNH8HqZv89jpwmJWZ4qkJO7S0UqEj2me70Vq-xu9b9BUyQRSDun5E9GXTnBgwjgxzm8sBuccX3iGEHsaMMorunygGj9xp_2MhijzTHWING-jdVHoqY38Z2-3g-U3OG7Bgb8dCzBn0nGSaoaagEEouFpuVxHx7q_1cDjxcyX1ZwaBPVCrtt5KbkcvnuQdwldCtgOWBxX3Z6CZfXBeYBjR20feWJJjidsbCpNtxZ-i9mLOgtKMRhhmQh_Fbu5IlXvM6Zu-fpQzzWKIfEa4p53lA0VvlRcmgkzwUV2liU-irwRQQ_UozyLeICFOOaxRA33UeEov4Hu9yGYm79v6KUcP4T-Jto3qc3vItjQhxPGWynbt4STWcqspDN_Uq0FLgN7izgTxUWOeJrKk8fZ-p4vjCnDJcYDS_GcyYj7AH2NiS7g0RtaNDA9h4ZZNeetVmf5tJHdexPQl6JPyGXSiIS-YR6ad53PloMiRj45CZCtx1v0Vft_foXnwGGqwfllKG92lmlsqmQDMxVfJNcF9eTrsc_nsFob12UvWWAxuOpmsjNetIOPtp8-LgeJrDIrfwQxFPxelGRs3sX7lHEGYCsd6aXFz-tAJ0OL7USvTMnEev-DdaBassSSuB9be9I5a8P4lQ3e15-mU87YGMLMSoP_Glnu744lUPuODuCN_MgYoXDKmhBwMqgYpoATTFFFZzVNJwxWL5NpjyabL0X7pEWJCJsp1EFEWkm20d5IdVDcVqXGvDrFTeci8tqOB3mejYR7WAGm_t_aaV20rslBOSma-qHjSpyri8Bjem5c_vidlTr6XQYexmYI_szmqRUpH3VblmdbMFUydDekOS58nIqi40onf6Ei8BpARmpbAP8IRjourGR6UNREc9RAv0RZsI6EM49gH25gDn1Y-z90j4zKGrkjw0UyZ57r5NZdxCJFuMqs-M5FZ_Te9fbParMkZhQlNye3dAVvMIBAPOXXR-pleP-fMH59thUiqFQTJvavDl0K8gLD4YCYaVnOpsg6c18XdVijGvmV-kyrR0VsHfebzfiF-3bzQ3kU-EWJNHa_ku2WU1q3eCD_O5PhdnGtiaoDnN-vxHR2rKMp7EeKlgaffYql193aqkWUYNV_VgPvgbbZ9YzU8FyTUgkig4Qo1pd3u6G953PD2JdH6Q40B9W55emFcr6pUiRSJ1e8Hn-KpLT5HwVR8lT4QK76cYmu3sWCZhF5n8KOY0CZCDittd2phZe2FvDghSDWfQwDDgwcc4dztl8W60RRKR3u9MBZHPQii4gPIaA9Dzjgvy-N19FnEuZ2OJdarAJRGw4jKQT5kIAYM3SVR-QmjkZq5ZZH-6RIEkAVpVAo6zQJ-UvcKGZZ6eU_Dv2GUZ1s2dH10EfQGRxEVbMg2eJZ79AmrFfPVx6VMUde0a6df5hvO6inxMgYhmrE77OOmHfFPDUKVkSAV_EMRXqHQcc4n2hjERZyX3FnTTmYW8KTQi0k2J63fhUXk0C7aecyvVUuuIsOLnoHq5NXgdHePAG37SMiGmCM9DvkhXGI_HrQZE94tvRZDZM5xG4zN6tYfCfgRxp8x6kRlqVfxgdt4CmxF0Js&cid=CAQSPADUE5ymS9Rx18oIaGyfFGaBMX9cqE3Kw5WRWXTMhzBRDkEq1jruPZkIelTdlaP4ztByI70q9CXJE9xzDBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&ds=l&xdt=1&iif=1&cor=2325256619168760000&adk=4188270525&idt=97&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e816f3e7436fc8bd624bbd2429fc2a68a4fa4cb7d8b5bfe0c37aca2e500f1aa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 17:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4091
x-xss-protection: 0
server: cafe
etag: 6428950819360314552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 17:58:03 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame B00F 28 KB
11 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

982ab4d8bc32fa0262edb5e56aa9536dd6ca6014f2634b43e4c6ef2e25047ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 05:03:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10959
x-xss-protection: 0
server: cafe
etag: 15636944064868061930
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 05:03:54 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B00F 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 06:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Mar 2024 06:47:03 GMT

GET
DATA 200
OK truncated
/ Frame B00F 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba39d79671b5a8445d2cd5b10f4a2c0a37fa637b1e4cc6e8ac38cb6d0b800110

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 09C4 22 KB
8 KB 44ms
43ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 134639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 08:31:22 GMT
expires: Sun, 17 Mar 2024 08:31:22 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js Show response
pagead2.googlesyndication.com/bg/ Frame 09C4 36 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b72bb230a3d085fedbcd93626ad07d8fab3a75cd623e8bd11254f2850e696e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 233486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14251
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 05:03:55 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9548364509937149214/ Frame 90EF 15 KB
2 KB 126ms
48ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=YUDnTssyUz&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff067250a334697aa929240baa053c275243c0bbc1a5cf9b1e280ff2eff85aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2270
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 21:55:21 GMT
expires: Mon, 18 Mar 2024 21:55:21 GMT
last-modified: Thu, 16 Feb 2023 16:30:06 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B00F 0
0 167ms
81ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssltnvHuCDpUlG3ld5dwN5_PF-mCR7PY42vjuhGqaqvthSBPFwj82kEKaNL08IKFMniCVq0tYGW2oirml3bkrAluzwf6-841Y3MLl-txnmlldsWd_v2SYY_9GP61Cxyu2xz_PzrRLSTGoNzlIBrCbBVN7gAKaZthU9FakAhtxqRl97U_lglHtzvAgWLcFswv-uI7Uvq-Hv7i2CFJJjteok_z-zNglak949Imm3Zp3-YQfIda1iRQ0ICpnJu3AbQlFfOK13q8wipQ4SOL4iJgzUBQgWbghTrgiC4Mj8vkQpJ_vGzRPwIo7ExC4vn5t2yMwX9Li4MCswJfjDk7kJWBbH0pJTNQDL0zdyuLeKm0miF-EwC15hAZngDvh7zP5MufvosI86iaDZ1NoHvCmy_FKo_C5qDf3DL-1jT2DLttVOwnZu-PeYwNmkoXE2jWlKQdLcmBI0IVG9haHxoqBsRKJMqPLI87l_dHDgxGX3jgqu8mKOezm2JLkP-SIU4qjQjOlzzQbJ4Pr1a9xT-HtDoqVqSO8u2yNEsEwblaQ4ncPz193K7E7C0yNkKXsQSUlYHvxgeqjUfcc7Qibt9SDrr9RBjBl4lr_whlryTg4zNNjbqVe3Jd-kbM7tMjUweUce5SvVbGG5eOcNUtouXaVXb-vxXXXen0CbTi7kUj8hEo-zHY1XDfrGSXLqEZAxk27FaTSBFXzjCIztf7PHoXb8nj0z9tpcu3FC29k0UhnBv85dUPPlkPiwXyHgvV8w4Wm8QRo_VEvZS2IRTTqO5BM-7aN4QstPY99XDe8bOihMJBlzDKqQV8EeCBjJllhFUk0N2dF27pbOnCG0xyHSiu4kuglupBEKJ7cT2kwoOBE4TymlRxOGqYT9rg45LKrRcKkxu3MDmlknO1k0DWo2PQbFH2mkqpBSCTGiz6EP5PLH1OwyN1REi7jadSc587jm7AE9WwTA3Z3UDXkXAuyIBra_ps2OcYugfyd77mUYqNwRoASUm1RXG7VanXSNX0VMRPM8X83TFbm5OoTZuAftx9kq3xZr7_wfJYVuZEOsYyIP3OE88fn5shy5EYDur-2GfXC_em6rSUEsSuKGP24m_UKX9W_QH8poSpgic7I8w6YBTjdFpvh1x8vd51qi2s9rCzalj8Myj4oq_6mc9LdxMDo1GF5SG3yY_jpW0LnIedNf7zB6BrHmXQFMEwsryCujgrM3R6rCGy5AbqUuLOC-lvfY_var41LBbypMx8zKFJWNRK8Q_DjfHC8Gcpc2t9cuEbTWFgmlNKem_gYmuPctqW6vAcUsUCvK7gUHE8T5mdvlHQdaPv9C_eP2cYoUmI588XVk7RkqNSjWZrfxUPS4&sai=AMfl-YQLkbi5m4vJUSEF7soAiShgKPYh94xtoXuTyL6NRyLdJjiqW-LSCnsZwErLB3lpZecmrDcH0SzWGlWP6S_vIGH3T15gHSvkcE8suw_HW6meVL3J0pvOOBiJ6GI9qVHFaKqtlNKxQ_Ay1OVshmlvaTmBHmnIzRuXgU9xFlZ_WJtugTRzR96aibZmo_vnJ0Z8XWViBpwN_RiKC6HeCotIXqrriX1kJi3w2Oi7sPZXbzarKDy3xiwU1G0yPknm7wKk0Kz7EuU&sig=Cg0ArKJSzBmzG7GozJgVEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=208&cbvp=1&cstd=202&cisv=r20230315.85106&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 19 Mar 2023 21:55:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Mar 2023 21:55:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 09C4 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLrCGyIQXZOrtPJeOgAfHpoOoDgAAAAA4AeAEAg&bg=!kpGlkcXNAAZEjmHWZI47ADkAdvg8WqTrbqDmfnS-vJbEEgJbmj2PQgX0hyBvv4cOz_XDpjwNUdPA2Qf_Oto4vCLr54dFd41zRHQCAAAAUlIAAAACaAEHCgBDXXhrH_DbO4B2pHEAhFU_Xq62e9Ktskjlk3eh4Ohy3Q5eOi3ie-cG9oBLx3SOFliigwjbh7QM2QplhTMDWGKO-IFytZkC98IZY5YCtnjNelUwr2ASOn9uduICCjA5R1fQW1D_N7kyCSs9h7QIYApnZgmdYym72tcjITV1Wh7NbDLHTdWzPluxFmOE6QzovvyzjIIW4SHFFCAaB5dSgujBK66LSJP0i2OC-mJXxMK1MtCpv5jspRh2o9H2CQZm6OKkm8cFOH0UpouYpNKUyuq-bfrddt0Cobw81tKBwniSKkS9wN40X0-Uz_P_s1SBQ354kuP6AraRdobh4CJT0QV7to-AE3VKwmY9JcmLdW0NjS0aLPZvxHgVhdSY2Xl-j5tinmrs6ijHLcXd--WQjZJFdRGqxDEYQlzPugdaGyBngJM28XEyCtbPgI8URQB-RwPYKN1frH8q9XsdrMSufJxfGHygdAEBpVDuCAC2F4-JVSwYhOTLgTWK2k1RQx0NMBVMm0452QrVN2YkKgi6s6_4NtsBeWpjp7U2iY5_wB-by1HrvAvmr1YCgBrcDspaPRDdnAhhjzynq_TTj_mAw6N4-2gzufjEk4VeNy8oKekTklnN8lcnwBimYVMPSkJqBunCPsB2bJ4Bak10_n_PvOfoolvP9eq6xU2e8LFKfO5LBx3vb4wacf491i23cs4BlXxAmxVl4_mG8ohhrBf5a-JIDmGjy14rtlnpp206uiiW1nNET_nlwx0CUwEKe6kZCnjtTFlJowg2y1cCsuA3RHSWxsvGzqYnN8Ipbl27jTbpZh16usdgzEivNkbm0zu1XB0nxjFMy8GBNi9hsF4MRR2BLc6huL-5OwqgfZtMUtH7ie6-Vf16gS9v8qg9uV4xVWMgom9DpanXC2lqPrUfU5S0Ws3Gzc0IX34xhrTAVMOjxm7Q74gSDIs1mPYAqeUOnwP9f44dsSOmjfTeWGHT60aOZPvDJTYbmc79swzgeT6p9H70Bcc1uT2Yn4cLxRR2JYLEMBox2Jexsc8-KsEyXP4XvjAtAz6YaratFdW66O0Y-LX_ArGf148rcmUfNJJC639dlEEbBHHJ92iu38qOow

Requested by

Host: 32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
URL: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1676550659977.css
s0.2mdn.net/sadbundle/9548364509937149214/ Frame 90EF 9 KB
2 KB 41ms
40ms Stylesheet
text/css 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=YUDnTssyUz&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232bf950740690a92eb6f4a6110a536fbe24114928c38ebe80f69aa3b2db6709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=YUDnTssyUz&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 18:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272298
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2341
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:30:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Mar 2024 18:17:03 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 90EF 118 KB
40 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=YUDnTssyUz&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=YUDnTssyUz&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 18:32:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12187
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Mar 2023 18:32:14 GMT

GET
H3 200 1676550659977.js Show response
s0.2mdn.net/sadbundle/9548364509937149214/ Frame 90EF 20 KB
5 KB 57ms
56ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=YUDnTssyUz&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=YUDnTssyUz&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 18:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272298
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5491
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:30:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Mar 2024 18:17:03 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/9548364509937149214/ Frame 90EF 3 KB
1 KB 40ms
40ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9548364509937149214/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177472
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1359
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:30:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Mar 2024 20:37:29 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B00F 0
0 77ms
74ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssltnvHuCDpUlG3ld5dwN5_PF-mCR7PY42vjuhGqaqvthSBPFwj82kEKaNL08IKFMniCVq0tYGW2oirml3bkrAluzwf6-841Y3MLl-txnmlldsWd_v2SYY_9GP61Cxyu2xz_PzrRLSTGoNzlIBrCbBVN7gAKaZthU9FakAhtxqRl97U_lglHtzvAgWLcFswv-uI7Uvq-Hv7i2CFJJjteok_z-zNglak949Imm3Zp3-YQfIda1iRQ0ICpnJu3AbQlFfOK13q8wipQ4SOL4iJgzUBQgWbghTrgiC4Mj8vkQpJ_vGzRPwIo7ExC4vn5t2yMwX9Li4MCswJfjDk7kJWBbH0pJTNQDL0zdyuLeKm0miF-EwC15hAZngDvh7zP5MufvosI86iaDZ1NoHvCmy_FKo_C5qDf3DL-1jT2DLttVOwnZu-PeYwNmkoXE2jWlKQdLcmBI0IVG9haHxoqBsRKJMqPLI87l_dHDgxGX3jgqu8mKOezm2JLkP-SIU4qjQjOlzzQbJ4Pr1a9xT-HtDoqVqSO8u2yNEsEwblaQ4ncPz193K7E7C0yNkKXsQSUlYHvxgeqjUfcc7Qibt9SDrr9RBjBl4lr_whlryTg4zNNjbqVe3Jd-kbM7tMjUweUce5SvVbGG5eOcNUtouXaVXb-vxXXXen0CbTi7kUj8hEo-zHY1XDfrGSXLqEZAxk27FaTSBFXzjCIztf7PHoXb8nj0z9tpcu3FC29k0UhnBv85dUPPlkPiwXyHgvV8w4Wm8QRo_VEvZS2IRTTqO5BM-7aN4QstPY99XDe8bOihMJBlzDKqQV8EeCBjJllhFUk0N2dF27pbOnCG0xyHSiu4kuglupBEKJ7cT2kwoOBE4TymlRxOGqYT9rg45LKrRcKkxu3MDmlknO1k0DWo2PQbFH2mkqpBSCTGiz6EP5PLH1OwyN1REi7jadSc587jm7AE9WwTA3Z3UDXkXAuyIBra_ps2OcYugfyd77mUYqNwRoASUm1RXG7VanXSNX0VMRPM8X83TFbm5OoTZuAftx9kq3xZr7_wfJYVuZEOsYyIP3OE88fn5shy5EYDur-2GfXC_em6rSUEsSuKGP24m_UKX9W_QH8poSpgic7I8w6YBTjdFpvh1x8vd51qi2s9rCzalj8Myj4oq_6mc9LdxMDo1GF5SG3yY_jpW0LnIedNf7zB6BrHmXQFMEwsryCujgrM3R6rCGy5AbqUuLOC-lvfY_var41LBbypMx8zKFJWNRK8Q_DjfHC8Gcpc2t9cuEbTWFgmlNKem_gYmuPctqW6vAcUsUCvK7gUHE8T5mdvlHQdaPv9C_eP2cYoUmI588XVk7RkqNSjWZrfxUPS4&sai=AMfl-YQLkbi5m4vJUSEF7soAiShgKPYh94xtoXuTyL6NRyLdJjiqW-LSCnsZwErLB3lpZecmrDcH0SzWGlWP6S_vIGH3T15gHSvkcE8suw_HW6meVL3J0pvOOBiJ6GI9qVHFaKqtlNKxQ_Ay1OVshmlvaTmBHmnIzRuXgU9xFlZ_WJtugTRzR96aibZmo_vnJ0Z8XWViBpwN_RiKC6HeCotIXqrriX1kJi3w2Oi7sPZXbzarKDy3xiwU1G0yPknm7wKk0Kz7EuU&sig=Cg0ArKJSzBmzG7GozJgVEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=465&vt=11&dtpt=257&dett=3&cstd=202&cisv=r20230315.85106&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Mar 2023 21:55:21 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 90EF 13 KB
6 KB 130ms
37ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 12:21:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Mar 2024 12:21:28 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 90EF 7 KB
6 KB 48ms
47ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b45980565adb789e3622cd824526493e4669957ff4f30f99af1a9038343c1362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5662
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 90EF 17 KB
6 KB 175ms
175ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:55:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 21:55:21 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BB98 42 B
64 B 78ms
78ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuec-6r1AS2ZyC4STereris4icvqMDeb-i1MmYtergj2Pmbe55HbjQaJzYdYInLJ6WrEusMqd6ZfcC62rN6-AIZDSX4lA-k_xrHRq6xLIsbaLhvetN-E2DlYM7SwN_B-zorW9cltF-t-WT_q_NaIVUQkNX_uVe0G4zMRw&sai=AMfl-YSp_UioTl80ntlQi4zcmYf0jwEOtvP3beH4hjDNJMT8YrPSgohq5aps0eze3UcdFJRGwTFVRAVGq5_D0Ezl0c9JprU0jLkr0ueS4gtLm33OW_ZZqRH7ZPwy-Lt-&sig=Cg0ArKJSzAOhBqGlmKzTEAE&cid=CAQSPADUE5ymOZv0jHskI5xIxSUiFCcMiNML7ZEA8M16IcbkZUbJd5hsB2Ii6HZqg3TZEhRyjJhsudJtsR3mHBgB&id=lidar2&mcvt=1000&p=65,513,315,813&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1591707242&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679262920503&rpt=233&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 90EF 98 KB
98 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:43:10 GMT
x-content-type-options: nosniff
age: 731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 19 Mar 2023 21:58:10 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 90EF 57 KB
57 KB 50ms
49ms Font
font/woff 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 21:54:37 GMT
x-content-type-options: nosniff
age: 44
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 19 Mar 2023 22:09:37 GMT

GET
H2 200 6185784206 Show response
dfp-gateway.s-onetag.com/1/27763518/ 116 B
587 B 46ms
9ms Fetch
application/json 18.66.97.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dfp-gateway.s-onetag.com/1/27763518/6185784206
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/925b4fd4-a51e-4daa-a4dc-0bc3fa9e7208/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-121.fra56.r.cloudfront.net
Software: /
Resource Hash: 9d7faf4d3afeacbaffff15ccc2bbef92c0d6bd44c414cf554e33fbff736434ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 00:22:46 GMT
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront), 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2, FRA56-P2
age: 77555
x-amzn-trace-id: Root=1-641655d6-2abfad44617459e35fcc517e;Sampled=0
x-amzn-requestid: 784074be-5307-416a-80a6-a3b1b1af8cb3
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amz-apigw-id: CAJZfGeLCYcF6Aw=
content-length: 116
x-amz-cf-id: 3D7WgzgY95c4yxYSjp9HRC0WkrGwfROGZgDV3LjK_OqHeMuM-3mgVw==

GET
H3 200 h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AEC 36 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/h7crsjCj0IX-282TYmrQfY-rOnXNYj6L0RJU8oUOaW4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b72bb230a3d085fedbcd93626ad07d8fab3a75cd623e8bd11254f2850e696e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 233486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14251
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 05:03:55 GMT

GET
H3 200 03032023-031222864-1456_180_q_620x700_2210-anf-s-icons358755a7-0efc-4bca-8cba-92e68b5c5345.png
s0.2mdn.net/4528404/ Frame 90EF 36 KB
36 KB 39ms
39ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031222864-1456_180_q_620x700_2210-anf-s-icons358755a7-0efc-4bca-8cba-92e68b5c5345.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c32d867fd1ab3f69923cbcd22b59160c4bade634ce83d90a70fb459725edb099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=YUDnTssyUz&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 10:45:29 GMT
x-content-type-options: nosniff
age: 40192
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36391
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:12:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Mar 2023 10:45:29 GMT

GET
H3 200 03032023-031527201-1456_180_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png
s0.2mdn.net/4528404/ Frame 90EF 31 KB
31 KB 43ms
42ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031527201-1456_180_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebaa028e53ceb3896c63bfbdb52a422b2419be96e936f7416a4aea330e69010c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=YUDnTssyUz&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 10:45:07 GMT
x-content-type-options: nosniff
age: 40214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32039
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Mar 2023 10:45:07 GMT

GET
H3 200 03032023-031222864-1456_180_q_620x700_2210-anf-s-icons358755a7-0efc-4bca-8cba-92e68b5c5345.png
s0.2mdn.net/4528404/ Frame 90EF 36 KB
36 KB 41ms
40ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031222864-1456_180_q_620x700_2210-anf-s-icons358755a7-0efc-4bca-8cba-92e68b5c5345.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c32d867fd1ab3f69923cbcd22b59160c4bade634ce83d90a70fb459725edb099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=YUDnTssyUz&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 10:45:29 GMT
x-content-type-options: nosniff
age: 40192
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36391
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:12:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Mar 2023 10:45:29 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B00F 42 B
64 B 83ms
82ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-hSisXy4BqlaKXmcTo2dqXz6mJARpvzstvjlWJz6Y8_Q2yFybGxEmHX6sW8jOI9dqxTZ0B3JmQGto1cELCr7Q9gUIudI5f1Ut8WiTqjitqhoUshVXso0BxUCXI5_KXl518LPQdGI&sai=AMfl-YQzNtXUhjbSb_AQLToocDmr-UXUUDbyJFCSncbNXZn9LXXv7pyJx_CWwqt4pHiSgRvM_uA1TeW512iSv6THdDThf_iD_CtsxOhDuZg5Q4CDuQ2pQUJzTQuUjj-b&sig=Cg0ArKJSzEdPT92UjgFtEAE&cid=CAQSPADUE5ymS9Rx18oIaGyfFGaBMX9cqE3Kw5WRWXTMhzBRDkEq1jruPZkIelTdlaP4ztByI70q9CXJE9xzDBgB&id=lidar2&mcvt=1000&p=55,0,145,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3072894836&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679262920817&rpt=334&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
server.seadform.net/serving/unload/ Frame BB98 35 B
626 B 26ms
26ms Ping
image/gif 37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://server.seadform.net/serving/unload/?version=15&unload=0@@60356159,1628155595462622192,100|1200|0|0|0|0|0|0|0||47|1|||||1|0|0|3YbmDDzhN7Pi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.seadform.net
URL: https://s1.seadform.net/stoat/626/s1.seadform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B00F 0
20 B 72ms
72ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2489881876890&version=m202301230201&ct=76&x=1&cor=2325256619168760000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 03032023-031527201-1456_180_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png
s0.2mdn.net/4528404/ Frame 90EF 31 KB
31 KB 38ms
38ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031527201-1456_180_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebaa028e53ceb3896c63bfbdb52a422b2419be96e936f7416a4aea330e69010c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=YUDnTssyUz&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 10:45:07 GMT
x-content-type-options: nosniff
age: 40217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32039
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Mar 2023 10:45:07 GMT

GET
H2 200 dc_oe=ChMI6vGP7_3o_QIVFwfgCh1H0wDlEAAYACC03uxKQhMIscDu7v3o_QIVgsV3Ch2idgKt;stragg=1;&timestamp=1679262924924;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame B00F 42 B
401 B 165ms
75ms Image
image/gif 172.217.16.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6vGP7_3o_QIVFwfgCh1H0wDlEAAYACC03uxKQhMIscDu7v3o_QIVgsV3Ch2idgKt;stragg=1;&timestamp=1679262924924;str=Show%20Slide%200;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
server.seadform.net/serving/unload/ Frame D056 35 B
626 B 26ms
26ms Ping
image/gif 37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://server.seadform.net/serving/unload/?version=15&unload=0@@60351694,4885800764000170805,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|80I5J_LhNUfi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.seadform.net
URL: https://s1.seadform.net/stoat/626/s1.seadform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
server.seadform.net/serving/unload/ Frame BB98 35 B
626 B 26ms
26ms Ping
image/gif 37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://server.seadform.net/serving/unload/?version=15&unload=0@@60356159,1628155595462622192,100|4700|0|0|0|0|0|0|0||184|1|||||1|0|0|3YbmDDzhN7Pi5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.seadform.net
URL: https://s1.seadform.net/stoat/626/s1.seadform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 21:55:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.weihnachtsgeschichten.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: pf277r536r0r0d6ddod84ucuk2
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ASm6vnuaUog
.youtube.com/	1970-01-20 14:46:54	Name: VISITOR_INFO1_LIVE Value: XYYI8VMoiZg
.weihnachtsgeschichten.net/	1969-12-31 23:59:59	Name: src Value:
.weihnachtsgeschichten.net/	1970-01-20 11:10:54	Name: _TStfc Value: 926291862755
.weihnachtsgeschichten.net/	1970-01-20 19:13:18	Name: __cmpconsentx55325 Value: CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA
.weihnachtsgeschichten.net/	1970-01-20 19:13:18	Name: __cmpcccx55325 Value: aBPo6y_DgAAIAABAAGAA0AC4AGgAPAAjABKACgAHgAQABDgFPAsCBaIFGgAA
.weihnachtsgeschichten.net/	1970-01-20 19:13:18	Name: __cmpccpausps Value: 1YNN
.awin1.com/	1970-01-20 10:29:09	Name: awpv14598 Value: 412863\|1679262918\|bd130240-c6a0-11ed-9d45-2261c3620022
.consentmanager.net/	1970-01-20 19:13:18	Name: __cmpconsentx55325 Value: CPo3yUAPo3yUAAfUtBENC8CgAP_AAH_AAAigIzIR5D4MDGFBUXx7QMskWQQX0MAVJyACCgCAAaABABAAcKQAkkASIAyAAAACAQgAIBYBAAAADAFAAEAQQIhAAAHgAgAEgAAIIAAEABEQQEIAAAoKAAAAEAAIAAERKACAkADQAobiREAAkIAgQAAAgAAAAIABAhMAAAAIAAACAAIAAAAAAAAAAAAAAAACABBGZCPIfBgYwoKi-PaBlkiyCC-hgCpOQAQUAQADQAIAIADhSAEkgCRAGQAAAAQCEABALAIAAAAYAoAAgCCBEIAAA8AEAAkAABBAAAgAIiCAhAAAFBQAAAAgABAAAiJQAQEgAaAFDcSIgAEhAECAAAEAAAABAAIEJgAAABAAAAQABAAAAAAAAAAAAAAAAAQAIAA
.consentmanager.net/	1970-01-20 19:13:18	Name: __cmpcccx55325 Value: aBPo6y_DgAAIAABAAGAA0AC4AGgAPAAjABKACgAHgAQABDgFPAsCBaIFGgAA
.weihnachtsgeschichten.net/	1970-01-20 19:13:18	Name: _ym_uid Value: 1679262919781022788
.weihnachtsgeschichten.net/	1970-01-20 19:13:18	Name: _ym_d Value: 1679262919
.awin1.com/	1970-01-20 10:37:47	Name: awpv11938 Value: 412871\|1679262918\|bd2f15c1-c6a0-11ed-b00f-2238801674a3
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.xplosion.de/	1970-01-20 19:13:18	Name: pid Value: BSwFES7CBDb-EibCESbkWi_CWif0Ei7kWsf0BS_ABifABfrr
.xplosion.de/	1970-01-20 19:13:18	Name: pid_short Value: 5OW8xUIdSDIQw8HjcQjuaUBA__rr
.xplosion.de/	1970-01-20 19:13:18	Name: pid_signature Value: Hd_CHDb8wCwsWDWIWdU8wD_-BiBZHD7sEqybEi_FwsIdHSJ0BD+DB_rr
.xplosion.de/	1970-01-20 19:13:18	Name: ep Value: ZBeExq1zp3UYPp4yWIyU
.congstar.de/	1970-01-20 10:37:51	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1679262918_bd2f15c1-c6a0-11ed-b00f-2238801674a3%22%2C%22sp%22%3A%22awin%22%7D
.weihnachtsgeschichten.net/	1970-01-20 10:28:54	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 10:27:43	Name: sync_cookie_csrf Value: 1052572728fake
.mc.yandex.ru/	1970-01-20 10:27:43	Name: sync_cookie_csrf Value: 2047567035fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1611591971679262919
.yandex.com/	1970-01-20 20:03:42	Name: i Value: KLQRyOkA0xlS8H84wp50QLAyAiAE9a+u9Gp/xzUdf/4IuGa848ABMxHIhW2+wL2jPnYP2I2POFFz9RJI4Xi72dykWAE=
.yandex.com/	1970-01-20 20:03:42	Name: yandexuid Value: 5694913241679262919
.yandex.com/	1970-01-20 19:13:18	Name: yuidss Value: 5694913241679262919
.yandex.com/	1970-01-20 19:13:18	Name: ymex Value: 1710798919.yc.1679262919#1710798919.yrts.1679262919#1710798919.yrtsi.1679262919
.criteo.com/	1970-01-20 19:49:18	Name: uid Value: c28321ec-f2f8-4f91-b12a-25d25c4403f4
.weihnachtsgeschichten.net/	1970-01-20 19:49:18	Name: cto_bundle Value: pbG2dF9WSmczVFl0d1A4Zm9ObjlSb3VxdiUyQlk2eVNSMENwejVLVHByaHBVUkRxWXdyS3BqMGlNZDNlWFpMQmtpUExmUnFQOFZHMDNCZlpMdXlzTDQ5VFZKREZKNlg2a3dvSUpYaXc0d3ZnMUI4ODFwMTI0RHlvMzdxazhpUVglMkJuS1RRb3hxTGtUMlphZHNQZGwlMkJUQTNYYSUyRnVqT082Y0tibFdDNkxaakJYZktaYmllQSUzRA
.seadform.net/	1970-01-20 11:12:17	Name: C Value: 1
.doubleclick.net/	1970-01-20 10:27:46	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 19:49:18	Name: IDE Value: AHWqTUmsohiv5N4bh5Z-ALk-_dSvlNFcIYUqokpZ_9-BE_BvLCs2rgpxRVaCFV4Keqg
.weihnachtsgeschichten.net/	1970-01-20 19:49:18	Name: __gads Value: ID=835be55f69276cb1:T=1679262919:S=ALNI_MY5__OgTnGwN-nr67zvcmKavzz1Bg
.weihnachtsgeschichten.net/	1970-01-20 19:49:18	Name: __gpi Value: UID=00000bc85c861564:T=1679262919:RT=1679262919:S=ALNI_MYqyKRgP57uTPVVIX-hBhRf-2q50g
.adnxs.com/	1970-01-20 12:37:18	Name: uuid2 Value: 3409230048876216560
.casalemedia.com/	1970-01-20 19:13:18	Name: CMID Value: ZBeEyOwpO7x11pHoqjddsQAA
.casalemedia.com/	1970-01-20 12:37:18	Name: CMPS Value: 3259
.casalemedia.com/	1970-01-20 12:37:18	Name: CMPRO Value: 3259

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.weihnachtsgeschichten.net/ Message: Refused to execute script from 'https://www.tisoomi-services.com/cookie' because its MIME type ('image/png') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

32df46e3c36b920ad06e38259534caa5.safeframe.googlesyndication.com
a.teads.tv
aax-dtb-cf.amazon-adsystem.com
ad.doubleclick.net
ad4m.at
ade.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
at.teads.tv
b.delivery.consentmanager.net
banner.congstar.de
bidder.criteo.com
c.amazon-adsystem.com
cdn.ampproject.org
cdn.consentmanager.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.track.production.webgains.team
cdn.unblockia.com
cdn.xplosion.de
cm.g.doubleclick.net
dfp-gateway.s-onetag.com
dsum-sec.casalemedia.com
get.s-onetag.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
mc.yandex.com
mc.yandex.ru
mug.criteo.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
s0.2mdn.net
s1.seadform.net
secure.quantserve.com
securepubads.g.doubleclick.net
server.seadform.net
signal-beacon.s-onetag.com
signal-segments.s-onetag.com
static.criteo.net
storage.googleapis.com
t.teads.tv
tpc.googlesyndication.com
track.webgains.com
ups.xplosion.de
weihnachtsgeschichten.net
www.awin1.com
www.google.com
www.googletagservices.com
www.tisoomi-services.com
www.weihnachtsgeschichten.net
www.youtube.com
104.111.217.42
104.79.89.16
104.98.137.157
13.224.189.70
13.224.195.78
13.32.106.197
136.243.25.83
142.250.184.226
142.250.186.130
162.19.138.120
172.217.16.194
172.217.18.6
178.250.0.157
18.132.34.25
18.173.233.45
18.66.112.32
18.66.147.41
18.66.97.121
185.80.39.216
185.89.210.180
23.35.229.56
2600:9000:211e:a00:12:abfb:9280:93a1
2600:9000:2250:1800:a:e047:752:b361
2600:9000:2490:de00:e:29d5:db00:93a1
2606:4700:10::ac43:266a
2606:4700:20::ac43:4a81
2606:4700:3036::6815:5dc9
2606:4700::6810:5614
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:803::2010
2a00:1450:4001:806::200e
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:6b8::1:119
2a02:6ea0:c700::19
37.157.2.247
37.157.5.141
52.222.214.123
52.56.125.139
54.167.218.243
54.195.112.141
87.118.116.9
87.230.98.74
99.86.4.52
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
018d6b450cc3ae3bf35408ba85c28477fbe447712cab1c27b9706cab61ad6961
0431f53f752ff02e33885c8a18d9cf0a93ca00a0c293925a82e8333c4f37e67f
0563b45e7f8099573475a80a342c9e71a371e453ae363335dcee0987ce087655
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09ed923d66993acde12a25ce370b96c951c7c20e47b72d88c87ca5f52f9a4fd8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d86518f2d6ab285faeb9049846f7f899be94b28c7d206c93dfe2347fd6bc094
0db6afabea66afcd07082caaba10bcb24cbae5898cc09814e1272c4f4344166b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12fa5cdfd04f7d2158ad7978ecca641764655ed6e4f4b7b49ce166ab2f2a3758
166d8aee3094ec0d0fedc2db462e8583bb3fdfe13670fcee9012dbbd5313cea2
16856a2720bccce3d9869928bb5f57ea06e53efef2ef493c99e3ccfeb48a54a0
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
1a55c314c1488fe74cf731441adccf2f398ebba43450d0ba90733f33e55a1735
1c23fc4f2ced8ee353c23e19ce32d0e880e3264d8c08dcfff9b370b3c45fe35d
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1ef0a56094a418694fbf1370c4b805a7df2a9787f9dab804d40a0ee24330bb40
1f89765d3d7243cc2347d922ff9a4b328740228cff1b901f3685086578b77d39
1ff067250a334697aa929240baa053c275243c0bbc1a5cf9b1e280ff2eff85aa
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
232bf950740690a92eb6f4a6110a536fbe24114928c38ebe80f69aa3b2db6709
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
2b15114adb679270e25e0d47ca2d8ee278701c0a23d815ebcbbd0a4630211873
2c1f87c046354caa89ca41a5a582607eb241535aac2b7e52b2b711745557a698
2cd0c180b2b9e97370057dcc73a7fdd8957b37d6faeee0465c8e074fa160cf11
2d3e6fd5e5a5a11ab8b89f7f11db6d6671289fc47b72d07fc3f72029898d6b9a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e2d56cece389641b16dea99088a149ade31ad4dd2a3864f501c729dac4543e0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
3d7bc9b39ae4a336f68035f2a7d555d525024a310e1393e77f670ec1db800434
3e19865caed6dbd12eacd00501eb4b382a1f0190df9cf2a8373d110bab7a47e1
3f08ef43ade3dd83085fe77ec5569f2ca9302d4f82ad4a7ed97af6200857b85b
3f73768613f925c342c620a9bcd75ed2c122048a54f092fae9fb73d7caff460e
41f396f423602132a4c289ee6d72b9b6cce06d30bd350924d86287e35f445d91
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b2829524e1ffcfacb15998bbe38941bfbf6110ce8f028d8117efcdbd8273fb
48947b7b416354878784f179507f0a1ff89d9fc0792a2a6cc74cf54fb434cd65
48ce601308d456c2e3bf4ab22a9e9a4c9be1474fe60880611dc7085df2b158bd
49552a1b265626ae43788c7a552f0e83b2a60c3b80a03f0a3ac5d897e19e5a4f
4dad3f839dd5628cacfa843b665dc6c6346ccc358b685f298056b8ca151c4aa4
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5377a498b12bcd216802b834509a0af1a425b386c2941e214c0c0be49136f0b5
53b14a22cd3dc973d6cb1a381d01fafafc4da1632bacbf15f7fac0014fbe70c0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
57e4fcf332c781bb9d2c51e7f730a27e394ccf8e06552033c8204417ebfc5f8c
58788a30af68f92836329a22bed11ee437cdcc310cc9697f53d7a06142ad1416
5ae9552d446982cedbbeb56c92ec7461d79f2e7734efa66bd0633e095b12d645
5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63c581dea98a400b708a36518e70da2958360040fcd40c8bf3cadc92025d8f67
67b155541bd1a8fe1305b3912422422ba59cb7f711659c32b5d61c8da89d07a1
68208ecee354aa4221fa0171070109014c3bf99a9f4d523cca7e505f38a12844
693af62775c857891bb8a97b203739bfba49fcc138d215c587f07d267e28ff3c
6b22116369a4bf07f69ceccd63521a839b8a343c83329ae0184fcd1c6a80c62e
6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
72e42a24769b4b43b7dafaa7c9e2a8985a172347823a44ad740b1b39dad13210
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7769cc22bb77a68446908cddbb26700d20bb85afdaa36b2c426c7e50cb4ffb1a
7904bd25b931a22db7b63e11873ae740bfa8fe70667f26956f1dfe1414051f1d
7ac1e3e9a56d93d8f406ef31b9b234b0e44f1f5bb75200b08daab11cdf893c53
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
808f27afd86ad8a6f766247686c65b7e2ca4d40ef35853ea282f0d9c9d8b7ace
808ffaeee4006e4930f89f5dcf46f603eb173ecc365b8f3df2b822bb6747c0b8
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8356917409b761b961a70e097c8354f8b06cab040ab3b1ac5ea3c8bb917c933b
83e65478b263eea7a3b2c30e65ac048506aedc8883bd089fa6ee695f3e7fb71d
8452bd0c54b786349447609934bd1810af8c5158d43786939a8cd46c24bc108e
8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
87b72bb230a3d085fedbcd93626ad07d8fab3a75cd623e8bd11254f2850e696e
88233ad1abcd2282b53edb9465a6bef42fd32de319f014e4059353e4fd8a7e0a
88dec8ad867811fd155084b66e26775ca40e1565f53f5cf8f73d22fda91ec25d
8afc8c47e931fe3cb0fd970ce36dbeb54f82c8dd1e5df1f8dfd820fd3c78662b
8d37935b6db3df045121d4fa638b598e7e4f0a71f16d4e533b26e8d26732d5d5
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8e89916f673d1f4ba2ba11d5a7f1c15f50bcb52f19825c8a8e7b0f134f151d7c
9212e302b2d7474c9140d979979fee46932b3d9336545817cd6e91e19c242730
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
92d284b69965dcae90d19a228e9e8af35d41e7a3c6e06574ebb0024e88f9cc23
956ea70795362caa0187b62693e699abe204033ad9bbd4158f30219a76de0d29
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96e621a20ba5e0c08f781742c92f9c14418b3dfe396dcd1ce4c72b4764135fc6
971a206bf302aee6432676d3c9fba27fd4b02e2524e0bb1cc3c3e639f3915d2c
9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3
97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2
982ab4d8bc32fa0262edb5e56aa9536dd6ca6014f2634b43e4c6ef2e25047ff4
9d7faf4d3afeacbaffff15ccc2bbef92c0d6bd44c414cf554e33fbff736434ea
9e2dda87f17264190a31cc9531266bbef219db884866b524abfb298a336833a3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5bd4dc6b6ce4b5fd25f90bba75bf8d154c328d2df04fcb6cba0282a89a55187
a6a61f2863b9cb35239f4f604ccc3b59b4a6ea435d50ff52c13c23f75f7bceb4
aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27
afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3
b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14baeba70173dafeb5a20211edfd4b9382eac3ab5bfa619858a8ddb2db9566c
b150d9b4151f7cd309c4c7808de642e3030efcdbc40f3bec35ae1c87e17b111a
b45980565adb789e3622cd824526493e4669957ff4f30f99af1a9038343c1362
b4b68a1a5e58c458fc3abdecbd952c045bccbaac12e24656146d232cf76946ad
b7488bcf22df3aa695cf68e32b27e7600796120bc50cfd79b87ddd7e9d0150a2
ba39d79671b5a8445d2cd5b10f4a2c0a37fa637b1e4cc6e8ac38cb6d0b800110
bb7d39384f8a58e23c5e8c78b974aabb9cd28238d451301a12b43c321783fe6c
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c32d867fd1ab3f69923cbcd22b59160c4bade634ce83d90a70fb459725edb099
c363db8ff8891786c268808aab4ed7933f4ae1a7a63070845aa990e41bde51cd
c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef
c68a81ddc0974891cf786f43ef55c340db91f3d5a63ec49c508143232e4ce654
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9b5378b42fb210ba18bc1c6879c3deb075cd6c0a50f4ce42b703cddece693e1
c9eb53bd198197e981c8cb37562b77ceee5e55f0014b55b728eed1e9ca2a3678
ca1d1515036d76a7b8abd2ddc1630eb4ed571a16d9c926962a8ae1d3867d0b8c
cf0e934daa92ef101fcdf4f64d318324f197533bc3a8ad60630a947cef5d7073
cf4b35323f55918ef42fef983c5607a4fa34d0e403392688a51637423715da03
cf9b07584547d5d561dfac9cdbf7b6a530cb72a1b7a1096411966036c4017d38
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
d5f4c5bbbc157ab9adf6e30c766bf42de65fd31270c8f1c0dbdcee08816298f0
da04867749692cf4c35407addf8d96775a495d5ada998f38248ecc7c5e085f04
dee9a8f74f792db0d00d4692419aba18da305d4e64a259d3f00fec5710b41b4d
e0eafc103c65fc938ba3822331a77d2317257926acd99e63836310d578626739
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76a81d16824d3288fd16917a64dd4ed831b530e14f9f9e37b56d014eb585f5e
e816f3e7436fc8bd624bbd2429fc2a68a4fa4cb7d8b5bfe0c37aca2e500f1aa1
e85425bd2e6b2f9e6214b358fe34dc87bb42551bbf11f253e96583c086d4f143
e8be0bd4ea3b8221886f022679f767ae02b6e26732ad9646d2655a5bf98b67dd
e8cd4bf2f547eb60b69a54a5340d5feed5905e1e5ea0ef3d3aefe6a6c1523fe7
e8f98033ab87674197a413dbf5f6664dc0e0b1370862f2b1a57f69a4c06277ec
ebaa028e53ceb3896c63bfbdb52a422b2419be96e936f7416a4aea330e69010c
ec3f85924617eeebdbd208b1dc4fd4b521c505e7d4235705ef0d9db7f78c05dc
eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2b48eeb2d8be46e58fb71e59f7cf42be331a1bb07b1eb23b512b967e12a7ae
ef491bc1ef4ccbe91a7b8ffe027a5d372e59133c6a22cc8c5f881c61009f0fa2
f0a3e10929596e4a2855798959d1d9eea123133bbf3201cbdb6c768af3f17918
f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5f207bf4dace3a9496e9ffc6bfe94fe153cad4f0c5b88ee3406a1a9d9a8dec3
facd5c0df5edcdc0288322243ef346f438dfc5fc2f85acc3d2cbd8165d741e78
fb0a147d1e9bd8aa4a6bc95c555953297d283e0361a4618cc92e78314c30c6b0

www.weihnachtsgeschichten.net Open in urlscan Pro 2606:4700:3036::6815:5dc9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

208 Requests

96 %HTTPS

46 %IPv6

35 Domains

61 Subdomains

55 IPs

9 Countries

3218 kBTransfer

7096 kBSize

39 Cookies

1 Outgoing links

Page URL History

Redirected requests

208 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.weihnachtsgeschichten.net Open in urlscan Pro
2606:4700:3036::6815:5dc9 Public Scan

Screenshot
Live screenshot

Full Image

208
Requests

96 %
HTTPS

46 %
IPv6

35
Domains

61
Subdomains

55
IPs

9
Countries

3218 kB
Transfer

7096 kB
Size

39
Cookies

208 HTTP transactions
4 data transactions