www.weihnachtsgeschichten.net Open in urlscan Pro
2606:4700:3033::ac43:d65c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://weihnachtsgeschichten.net/
Effective URL:
https://www.weihnachtsgeschichten.net/
Submission: On April 11 via api (April 11th 2023, 7:49:39 pm UTC) from US — Scanned from DE

Summary HTTP 190 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 56 IPs in 7 countries across 31 domains to perform 190 HTTP transactions. The main IP is 2606:4700:3033::ac43:d65c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.weihnachtsgeschichten.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.

This is the only time www.weihnachtsgeschichten.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::6815:5dc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:303... 2606:4700:3033::ac43:d65c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:211... 2600:9000:211e:8800:12:abfb:9280:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2010	15169 (GOOGLE) (GOOGLE)
4	88.221.169.49 88.221.169.49	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	95.101.201.49 95.101.201.49	16625 (AKAMAI-AS) (AKAMAI-AS)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	87.230.98.74 87.230.98.74	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
5	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	136.243.25.117 136.243.25.117	24940 (HETZNER-AS) (HETZNER-AS)
2	2.19.229.28 2.19.229.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	104.74.96.163 104.74.96.163	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
1	65.9.66.22 65.9.66.22	16509 (AMAZON-02) (AMAZON-02)
3	18.66.202.223 18.66.202.223	16509 (AMAZON-02) (AMAZON-02)
19	2620:100:a005::6 2620:100:a005::6	19750 (AS-CRITEO) (AS-CRITEO)
2	34.243.91.200 34.243.91.200	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	35.179.69.18 35.179.69.18	16509 (AMAZON-02) (AMAZON-02)
2	108.138.189.67 108.138.189.67	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.104 143.204.89.104	16509 (AMAZON-02) (AMAZON-02)
2	108.138.189.65 108.138.189.65	16509 (AMAZON-02) (AMAZON-02)
1	13.226.31.170 13.226.31.170	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:2249:f600:e:29d5:db00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.224.205.52 34.224.205.52	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2620:100:a005... 2620:100:a005::17	19750 (AS-CRITEO) (AS-CRITEO)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 6	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:236... 2600:9000:2361:2200:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
2	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4001:c08::5e	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a02:2638:d::14 2a02:2638:d::14	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.66.97.66 18.66.97.66	16509 (AMAZON-02) (AMAZON-02)
190	56

1 2606:4700:3036::6815:5dc9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

weihnachtsgeschichten.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3033::ac43:d65c (United States)

ASN13335 (CLOUDFLARENET, US)

www.weihnachtsgeschichten.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:8800:12:abfb:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.unblockia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.221.169.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-49.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.201.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-201-49.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 87.230.98.74 (Bergisch Gladbach, Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ma5037422.psmanaged.com

b.delivery.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.25.117 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: api.addefend.com

www.tisoomi-services.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.229.28 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-229-28.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.74.96.163 (Paris, France) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-74-96-163.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-22.fra56.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.202.223 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-202-223.mxp63.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2620:100:a005::6 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.243.91.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-91-200.eu-west-1.compute.amazonaws.com

ups.xplosion.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.179.69.18 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-179-69-18.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.189.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-189-67.mxp64.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-104.fra50.r.cloudfront.net

signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.189.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-189-65.mxp64.r.cloudfront.net

signal-segments.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.31.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-31-170.ewr53.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2249:f600:e:29d5:db00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.xplosion.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.224.205.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-205-52.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a005::17 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2361:2200:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4001:c08::5e (Council Bluffs, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:d::14 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-66.fra56.r.cloudfront.net

dfp-gateway.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	criteo.net static.criteo.net — Cisco Umbrella Rank: 670 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 12528 csm.eu.criteo.net — Cisco Umbrella Rank: 7853 pix.eu.criteo.net — Cisco Umbrella Rank: 9255	731 KB
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 145	134 KB
16	doubleclick.net 2 redirects ad.doubleclick.net — Cisco Umbrella Rank: 172 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	199 KB
12	ad4m.at ad4m.at — Cisco Umbrella Rank: 9897 as.ad4m.at — Cisco Umbrella Rank: 26975 assets.ad4m.at — Cisco Umbrella Rank: 39498	957 KB
12	weihnachtsgeschichten.net 1 redirects weihnachtsgeschichten.net www.weihnachtsgeschichten.net	178 KB
11	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 748 gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2381 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 26061 ads.eu.criteo.com — Cisco Umbrella Rank: 7796 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 31702 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13528	117 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 353	218 KB
9	consentmanager.net b.delivery.consentmanager.net — Cisco Umbrella Rank: 34361 cdn.consentmanager.net — Cisco Umbrella Rank: 15429	118 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	2 KB
7	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 4020 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4970 signal-beacon.s-onetag.com — Cisco Umbrella Rank: 5065 signal-segments.s-onetag.com — Cisco Umbrella Rank: 9029 dfp-gateway.s-onetag.com — Cisco Umbrella Rank: 17064	26 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9151	2 KB
7	teads.tv a.teads.tv — Cisco Umbrella Rank: 1399 at.teads.tv — Cisco Umbrella Rank: 4747 t.teads.tv — Cisco Umbrella Rank: 2785	137 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 309 aax.amazon-adsystem.com — Cisco Umbrella Rank: 412	59 KB
4	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 424 fonts.googleapis.com — Cisco Umbrella Rank: 47	10 KB
3	gstatic.com fonts.gstatic.com csi.gstatic.com	59 KB
3	xplosion.de ups.xplosion.de — Cisco Umbrella Rank: 17302 cdn.xplosion.de — Cisco Umbrella Rank: 27829	6 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3359	58 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	10 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	98 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1045 id5-sync.com — Cisco Umbrella Rank: 437	18 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 739	456 B
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 17281	1 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 93	64 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3449	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 7832	531 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 34696
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1131	9 KB
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 104063	550 B
1	tisoomi-services.com www.tisoomi-services.com — Cisco Umbrella Rank: 889980	276 B
1	unblockia.com cdn.unblockia.com — Cisco Umbrella Rank: 24159	33 KB
190	31

	Domain	Requested by
19	static.criteo.net	storage.googleapis.com securepubads.g.doubleclick.net ads.eu.criteo.com
14	pix.eu.criteo.net	ads.eu.criteo.com
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com www.weihnachtsgeschichten.net
12	securepubads.g.doubleclick.net	storage.googleapis.com securepubads.g.doubleclick.net 4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com www.weihnachtsgeschichten.net
11	www.weihnachtsgeschichten.net	www.weihnachtsgeschichten.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
8	imageproxy.eu.criteo.net	ads.eu.criteo.com
7	mc.yandex.com	3 redirects www.weihnachtsgeschichten.net
7	pagead2.googlesyndication.com	cdn.unblockia.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	www.google.com	2 redirects tpc.googlesyndication.com 4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com www.weihnachtsgeschichten.net
6	assets.ad4m.at	as.ad4m.at
5	cdn.consentmanager.net	storage.googleapis.com b.delivery.consentmanager.net cdn.consentmanager.net www.weihnachtsgeschichten.net
4	b.delivery.consentmanager.net	storage.googleapis.com www.weihnachtsgeschichten.net
4	ad4m.at	www.weihnachtsgeschichten.net ad4m.at
4	a.teads.tv	www.weihnachtsgeschichten.net a.teads.tv
3	4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	storage.googleapis.com c.amazon-adsystem.com
3	mc.yandex.ru	2 redirects www.weihnachtsgeschichten.net
2	googleads.g.doubleclick.net	www.weihnachtsgeschichten.net
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.fr3.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com
2	www.googletagservices.com	4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	bidder.criteo.com	static.criteo.net
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	signal-segments.s-onetag.com	get.s-onetag.com
2	onetag-geo.s-onetag.com	get.s-onetag.com signal-beacon.s-onetag.com
2	ups.xplosion.de	storage.googleapis.com cdn.xplosion.de
2	ad.doubleclick.net	2 redirects
2	www.awin1.com	1 redirects as.ad4m.at
2	as.ad4m.at	ad4m.at as.ad4m.at
2	t.teads.tv	www.weihnachtsgeschichten.net
2	www.youtube.com	www.weihnachtsgeschichten.net www.youtube.com
2	storage.googleapis.com	www.weihnachtsgeschichten.net storage.googleapis.com
1	dfp-gateway.s-onetag.com	get.s-onetag.com
1	rtb.nl3.eu.criteo.com	www.weihnachtsgeschichten.net
1	csi.gstatic.com	cdn.ampproject.org
1	id5-sync.com	cdn.id5-sync.com
1	rtb.fr3.eu.criteo.com	4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	mug.criteo.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	cdn.xplosion.de	ups.xplosion.de
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	signal-beacon.s-onetag.com	get.s-onetag.com
1	track.webgains.com	as.ad4m.at
1	secure.quantserve.com	storage.googleapis.com
1	get.s-onetag.com	storage.googleapis.com
1	banner.congstar.de	as.ad4m.at
1	www.tisoomi-services.com	www.weihnachtsgeschichten.net
1	at.teads.tv	a.teads.tv
1	cdn.unblockia.com	www.weihnachtsgeschichten.net
1	weihnachtsgeschichten.net	1 redirects
190	60

This site contains links to these domains. Also see Links.

Domain
www.consentmanager.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.unblockia.com Amazon RSA 2048 M01	`2023-02-21` - `2024-03-22`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
b.delivery.consentmanager.net R3	`2023-03-19` - `2023-06-17`	3 months	crt.sh
1376624012.rsc.cdn77.org R3	`2023-04-07` - `2023-07-06`	3 months	crt.sh
www.tisoomi-services.com R3	`2023-03-31` - `2023-06-29`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.s-onetag.com Amazon RSA 2048 M01	`2023-02-23` - `2024-01-02`	10 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.xplosion.de R3	`2023-03-27` - `2023-06-25`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2023-06-25`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-26` - `2023-06-29`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-14` - `2023-06-09`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.weihnachtsgeschichten.net/
Frame ID: B042A287AF4A4BD238C8F81344568C76
Requests: 77 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 80C188BDADC3EAFE0556B36EABFAB88B
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=327780%2C196438%2C334900&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CW5jhrfdfZBpwcYH5Hjtxtrd3t3Swt7es2%2CxJGtQfAfZEKZsPHdHztQtmXEes7S4tRXaA&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2C5WdTXfEfWjQZupH7HMtkCb95fYSktARF1%2CY36crf3f75M7UVH9HetgC6253tkSWt5zcr&c=300&d=250&e=&g=b3f7d4c962ec62f632f9f046c52336ac%2F16820318978439459202&i=22886%2C25174%2C71169&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1681242571756&y=1&s=&z=0
Frame ID: 86C09106CBF477DEF1419962F993B7B8
Requests: 11 HTTP requests in this frame

Frame: https://cdn.consentmanager.net/delivery/crossdomain.html
Frame ID: 7C3FBB4B72F5B387AF0A4F2691D7A75E
Requests: 1 HTTP requests in this frame

Frame: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6F2055A42DC724D859C3ADE451682A13
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.weihnachtsgeschichten.net&gdpr=1&gdpr_consent=CPqDl4APqDl4AAfUtBENC_CgAP_AAH_AAAigJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIAA
Frame ID: CB7996505F19699084A16E259F4C8578
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6D6C6443B8FFA8D4C07AC4151CB7C316
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2A0176203CFF8F35670C28AC35296F64
Requests: 2 HTTP requests in this frame

Frame: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B03FF7CD604A971A0A46EC40EC6CA458
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZDW5zAAHlRkKcbMUAA3kb2J1XEv3B99a_fD4aA&u=%7CcgowlI8UyoxSCKIVH53qXjrfr0ctMtndtkTQA6mlSvo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MlBuvHpjHFyA8e3dAvOpUVbXMdIXFdKfuRV6bRsnXUd-gUgdxOPxmchbZXE1KGmfTJZ5qbo2O41A2JYYLL6SJYndhVw4D98kCvMA1LQPQ26LuVhd2mjF3VcfUgN7F3LZvAFjw7rhnuJfLlLBIua74Tgqn51_RyjrXqX8F76j6FcKOfxSmCKFE-nd5wHnKQKSFRubshML9tgSWxtXor25qPP78GH6GKUFU4Of9uhXhprGRh9dch0Zy98Ow4wxRQt67X3VW_PpSA9vRG-xE3pkKpIMsefhITzxZWuBcDWY8EM1uFi8R0gE4e-_yGsLWoJQWva8QQ1D9YiYXJbQYrEhtitKgClJ22TabtF1TQq1E4Y0V_uaRsLsCCAKV8Y4Ai7DoMfIKlMG2QDaOYga1sNlwvDL8qym0QWpx2FFe4rz18i_GmmqYWpPeUswHHKo4jl5rlcyWnOkNGrgHC3M2g4tys2mepY6ob_6eHL7CJoBICgt7fon7aGFbvbKUXCmf8glilvnBIBzXSTSnUuxp26p6k2t6SNCCMZPnytJ4-LcU_Q_c_b8crK4_TPDKOMBtQeXofuxP-0Ci3Afce0LHaupV8J5i2DxIL-xiZowwh5ODMcuqc5V2FQ13ZTL8hDbebh0HQxsIMdE6YEU7HKV_qLpOECnrk8qnFrTQYtxJ-xKdo0khrDOfAaBhYUrJ5AoMFK671bG2BcLYTN0GZLg55Xy7-LdCjJEzOo0qA_2XmTiv6juiyTBM-JLvzjpg0NnQVyP3O6KGBbzglisgwRdHhAep0f4Yr8HG6cofSEKaSa_4yBpTCJFgVu3ANxfARRHq-o7Kk5ERFwAQX3LU3W3XdWpD2ojL1i9_3V2FScsAjg1mPISoYGjsVJiac8-MwsMudz3oSTi1gXm3mVwpucjoeggbrJnkpu9XvVfDi-74EVgiDN7lBLN7w8xjIsTH2fybQFNOUTg8hfwyW7eFSPXCuR_lqpcyalqhC9IwY_9ITAgYZvDyD5GZua4guHOn_Ko_Grod9bYANzILK01Za0ljNAp7hBg0jDro_ek4_0U5isSpgy209egxOoV6FiFh7OFhc573FZIOl6myG1gj2bNWZh1sbf5vJfxmuV4r2CdBZXrIgRKWlnUmV7s7J1eyfxapEPeqThWp160mTFhfsWGsl_tH7jZLdNjDtccjEigNzH_TyMjiheblPih8iwUk742gZ0ylPO0WHaHvde_N_fDptHkR2-BHNn-jlmTOw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAfBpzLk1ZJmqHpTmxgPvyLeQDsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMjQ0MjM5MTM3MTEwNDA2N8gBCakCYFwDHvNKsj7gAgCoAwGqBJ8CT9DbDFqAwU2JqelFYM5ZBi05otMiVdH3E6PkVTSXTP4rDXp8s3-FY6eBoYtmHGhXFPwK07FNZkW_T24G1xG8HzNJrkn6XHB9B_3OYTJj-0phnWf9Uo-epClPadKgO6ThL-VCF98E7LOZ1qzWUUuUYUl_a_QzLMlChpm2hF4BPfw0RTNed7N7nXLC01BsY8_C6NnJBlOPBhl4fXnYpzBf9C6LVEAoFCg2AJPiqoXzIjJiVZ630AEFJ9eBDTvH4kS0GNehLfdmst7MDWKTW9GtTVvtnC431_SNIWzil8NoMTeNuQLAwfGa5BUaV3RO14bDg1nWXxfhBJBidyanpK35qFZnu1lkc6juntv9klh5L3Pd1lsstFdLDRlBW_RAM2jgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggQCIDhgBAQATICqgI6A4DAA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2zM7ZV7niFcpJIaP-QSKFTIv4fxA%26client%3Dca-pub-2442391371104067%26adurl%3D
Frame ID: DE94AED25D92BDF9358F43B1A636DDCC
Requests: 21 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs
Frame ID: C5DF1B2574C06AF4D7E9106BA1B33674
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs
Frame ID: 078AF22CB76649D243081CB5EC0797B5
Requests: 15 HTTP requests in this frame

Frame: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EACD13A13D6C913EE38A7A78CEC52F75
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZDW5zQALZ1kKcaDDAAMfx_CTHvlaMSuqVGyW9Q&u=%7Cn6kHlRSpbS3R8b9oel5zSBuXplFIAVJUvdp%2FIU4FvGs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZes0XRMyVMt2NSKovuat8dVv_gb-hLv0X_LZiqFHZaHV6eu-D4cKoREtp2C9nC4lZdOYlJlhiu5RmPn50A9FCAKRSagbCoY3Hrd3BWbPjnfWGrMNtQNiEJBvvrtBv_qGvZinyKPV4DUyt4OBAc1_7AS2vxziVYMeaesTJ9VoZGCTkk_w3Uukn3Wil0MrSaKMwEZck5k3m-1mE4yDrnao5Va6s2pLjDvelCoB05XDOk28IPcDHr67EOA-IJDrgMYxJNyzGQytxEqVOHIwZSgbDu1_ALijluvuMcy8YAafZQl6ojncH6SlC_V6LypPKfvHWOrOmKkVg_w4owDFW-QlTdJBjaFWMdE4rgQtj0UiyjQrjrFdSIZHKBZ6OeSKMq2f8Lb7OzEkqyiZy_M9gQzlugrF67Q35ssAAn6mV__x1ohNPQSlz97STEd8zmyEXB-JF1Cmvkywadfqr0L9rPeuTwJfCVnC3qBaZNIXvugJNmRg_tvxypEDnsNKSAZpt_TjLWw20te8Uvs2tIRWS27P9biroZusAtOfrdIJrpEHfmX1hmaVklyy5T3Aq3pIx9AraKgEgG0Y5aMbGsjvJ1-Io7yuS87SZqutdFnYU1u0FU26nxWi6S6UvOPpIyHMzM9sREb4eLgclIv5e1uG3hNDPM14A7iOaBxD_UnX9GzTuvTLkjhJwblB3YONAglrml_55Vcn1QU3S3sHqR8X5rFuiL1wPry0N3FuYVIDxfXTjog0p9NAOk6iDmwUAqdptYhugYnHt9f8wHAoB1dWg2LG9sqfSYJzDUbxdCOGDNYwlopTw_8COeCzc2oKpNw6yo_qphJz4Que39WMFhnLO6sOJwdFKYNZSpjwNglwP1aJd5qKyhPKZQmUksSHYOp3oWDVwkrn52y_VW--V07MDb-J_KSajxpepjoaCCO6xT9AgKzienu5UA1YZ6f0QwnkO81qy4HRleX8MMWwa-2VmUgB5M0_KNgLemTGunr-QeS3EZfAtmTC22IkbK4Ii_ezPLAaiEwqXOFTEix-OJCFTF0vVyhgExZeBhiiDHRSEkQBBv_4hrY2Bv3l1BxMIWflX368cTvQTmmW-An2_Kh8guPmpUyPvlpaj4L0Wk71Hco1E9nIhyU2xMSg9kaCCEj77xTPMFz-GEAI53KcOTpcXSCq1qEc-ZYfibKrGJysZnQxX7WN2O7k0RQCIAgkfof0FsZoHu4d5YY5r05bw52HBNhYEqcU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDpDbzbk1ZNnOLcPBxgPHv4wIyZ7SsVzVnZH3cMCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0yNDQyMzkxMzcxMTA0MDY3yAEJqQKyZy8ba0myPuACAKgDAaoEnAJP0LobEYxQqZKnvPOx6Ej9YLEjkzDuWQFPEsIJBJU2GBgsNAL9-44it6BN-NnuJ5kgugiTMiOaPgGlv010g5cUsSoRZZKC5E1Qqx0-8tD3QcOATsp1titK1BDdDM2Et6zAMlh6HmWz5w16nsMDOC0vQQ8a5Ud0vZLyvqh9JZ4myW2DwSXarm7bcpYnyCa0yG1geCuF14oOdSIRahrPyzR6wjjIAbxmXqYpR5JFlnRYu2oUOUt5QJrkpaINY4RK1The4tlZ7HzhDNIugVOzxloLkcmTDmPBI1LDcvzdCxn0JrJH4gA_4xaABf7l2PnRMCmEwBV7JCoV5td692-_ucWSoCsvHpeAmSfUsYO8LdtmDXAXxLX0Mi0iHf9Yw-AEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBAIgOGAEBABMgKqAjoDgMAD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MsZDr8OT2VprFfKd87alr65C7NQ%26client%3Dca-pub-2442391371104067%26adurl%3D
Frame ID: 16BA555A80641E01C0CCE7C4E0DD935A
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Weihnachtsgeschichten

Page URL History Show full URLs

http://weihnachtsgeschichten.net/ HTTP 301
https://www.weihnachtsgeschichten.net/ Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

190
Requests

96 %
HTTPS

63 %
IPv6

31
Domains

60
Subdomains

56
IPs

7
Countries

3244 kB
Transfer

6911 kB
Size

35
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.consentmanager.net/?utm_source=cmplogo&utm_medium=banner&utm_campaign=cmplogo&utm_term=55325
Title: consentmanager.net

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://weihnachtsgeschichten.net/ HTTP 301
https://www.weihnachtsgeschichten.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9970.K1EPGRGicadza_iQlxIphbNfD9CeK74LDINe-a-UrMiOR0drVJ6opxLryJplW-jq.bV8CdefRIi23CpXCRSR7YuGB6LY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9970.1jEBtvp16wERK3pLE05K9UCYniYHxPL2HWqpdlgr_AcF3HO6M4eyAV25oHSZgjGD30hkQauvhNrYtikY7zvAMeCYC_yl-rvydnlq4AuDy-I%2C.fgLv3MybxNJXLsUSEMyLrCgeoR8%2C

Request Chain 40

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidW5jhrfdfZBpwcYH5Hjtxtrd3t3Swt7es2oneid__weihnachtsgeschichten_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=COrin9LMov4CFdkZ4Aodgx0FZw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidW5jhrfdfZBpwcYH5Hjtxtrd3t3Swt7es2oneid__weihnachtsgeschichten_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidW5jhrfdfZBpwcYH5Hjtxtrd3t3Swt7es2oneid__weihnachtsgeschichten_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1681242572_fa72b870-d8a1-11ed-b00f-2238801674a3

Request Chain 65

https://mc.yandex.com/watch/67959763?wmode=7&page-url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umatouo0rfee7%3Afp%3A671%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1011%3Acn%3A1%3Adp%3A0%3Als%3A1641535518053%3Ahid%3A779480821%3Az%3A0%3Ai%3A20230411194931%3Aet%3A1681242572%3Ac%3A1%3Arn%3A1046744668%3Arqn%3A1%3Au%3A1681242572426461360%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A29%2C35%2C78%2C2%2C388%2C0%2C%2C250%2C2%2C%2C%2C%2C789%3Aco%3A0%3Acpf%3A1%3Ans%3A1681242570795%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1681242572%3At%3AWeihnachtsgeschichten&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/67959763/1?wmode=7&page-url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umatouo0rfee7%3Afp%3A671%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1011%3Acn%3A1%3Adp%3A0%3Als%3A1641535518053%3Ahid%3A779480821%3Az%3A0%3Ai%3A20230411194931%3Aet%3A1681242572%3Ac%3A1%3Arn%3A1046744668%3Arqn%3A1%3Au%3A1681242572426461360%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A29%2C35%2C78%2C2%2C388%2C0%2C%2C250%2C2%2C%2C%2C%2C789%3Aco%3A0%3Acpf%3A1%3Ans%3A1681242570795%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1681242572%3At%3AWeihnachtsgeschichten&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 71

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9970.HmZCVul9b5dNohCNx7WRgZ2GESyJ_6Q71ffw3q61WgRHuN5Q8QLFfik5WO4mLXEV.4e31x4GlZLADoNH_tKbA53Q2ORU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9970.BfQS6nKo4oHFU968Eifjz7DXrb0Q9WTXvX87tbrS1SNHmjbuD5MAH24P8mYwMTSUF3K7Qi00Dnt84NHnU1KNm5fCwNNE-PDrR59wQN4YmYY%2C.lZN27-q1sEHTvXI-bzcokcMg-XU%2C

Request Chain 85

https://gum.criteo.com/sid/json?origin=publishertag&domain=weihnachtsgeschichten.net&sn=ChromeSyncframe&so=0&topUrl=www.weihnachtsgeschichten.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=JNkpdXxWbkRPKy9zaWFEYm1PbkVuV3ZPUUxjTXlyV2N5THBUSUtIVU1kODhlMm5OaXNFVU1QSmNzSlpPcEFEV2hPMm0xMk84c3ZNZ1RWVjZPVjlFYlpFekduWmw2ZmczbE1BYW1TVnFPWFRrbTdubGRrWjZ5NHZpbGpZd0RwTXhIVDd0eTNveVVGMStITlhyK2Q2NnRKTWEvYUw1RmV5OUl6MTBUY0lLSXJhb0sxOVdkN01wQ1lJU2lxUmwvaW1UeUZMSUZMYzNpTGdoVXJpeVY4U1JVMEV5Tm5PblRVL2IyTnVERm9KVW1nL1daZVNNWFROTE04a2dqL1JJVDl0WXA2N2hlRlNBdkcxcENYaXV0RFBSZjB0b201d2w3dmxKR1MvdCtMd1pXOVJPVnBuYz18&cppv=2

Request Chain 140

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 153

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

190 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.weihnachtsgeschichten.net/
Redirect Chain

http://weihnachtsgeschichten.net/
https://www.weihnachtsgeschichten.net/

42 KB
11 KB

142ms
78ms

Document
text/html

2606:4700:3033::ac43:d65c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d65c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7904bd25b931a22db7b63e11873ae740bfa8fe70667f26956f1dfe1414051f1d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b65c0d65addd0cd-AMS
content-encoding: br
content-type: text/html;charset=UTF-8
date: Tue, 11 Apr 2023 19:49:31 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUrvT6b5ARXvLDOeyu0Zy9ZIZKxuARdk4h8FASLGSkexPQpCJyMn%2F9WNl2B%2FnD3H7WUE%2B8doAHGR40GzDmGRGtDkwlUTphdcDD57Kxqi%2BWekdwVDKuk11fYpjKR8%2FjtOjuDNSz%2FHc0v2XPIgWhunV7a6TlwXahq1S1BxlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-cache: BYPASS

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7b65c0d5ae86b8ac-AMS
Connection: keep-alive
Content-Type: text/html
Date: Tue, 11 Apr 2023 19:49:31 GMT
Location: https://www.weihnachtsgeschichten.net/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2F6BTuIklCYF9OvpxHvmbB72%2FfQifj%2BXT9reCFf%2Fw9ArbmlRIbvoWKftwAcguFMI400PTf8L8TxqJ1nuLA5koATqVYlTBJZ8Nkxoin1U4WaKdmDjplc41WwCkLKRv5MM2JdpMSUDTQQjrrwt139ascQGw3kCg30Y"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 b9a6700f23b0344ef774c64401819649.css
www.weihnachtsgeschichten.net/css/ 125 KB
22 KB 96ms
95ms Stylesheet
text/css 2606:4700:3033::ac43:d65c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weihnachtsgeschichten.net/css/b9a6700f23b0344ef774c64401819649.css
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d65c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0431f53f752ff02e33885c8a18d9cf0a93ca00a0c293925a82e8333c4f37e67f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 18 Nov 2022 10:37:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6377606e-1f3f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k13REheT%2BaTU2b6beNPHluY4r%2F0WREf%2BWaOapCbgkyoIagNTeBduE2m2V8kvt2YYzpiH936fLugF3eG4BxLpCaP4emTzluvy57XuYkJCTZFZAAfGXkJfNLZsbSwgfVCsxw9oH%2BjkZZQjyaQhsywh3z00ChWpySVy4ZCZXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7b65c0d6db90d0cd-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 h.js Show response
cdn.unblockia.com/ 157 KB
33 KB 82ms
10ms Script
application/x-javascript 2600:9000:211e:8800:12:abfb:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblockia.com/h.js
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:8800:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44eb36c6a65f0e63c18910d10ee5ff2aa72257bec74095ef363bd26a306af9b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: 5vsQcfUrVr4Wby6v4wGdzisFOZqdchK.
content-encoding: br
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
date: Tue, 11 Apr 2023 01:05:43 GMT
x-amz-cf-pop: FRA56-C2
age: 67429
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:a0555eec-84d6-48f4-86f5-be6231801593
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 0f746dfd2c6c40181678c6e0d4cd05ed
last-modified: Fri, 31 Mar 2023 11:54:04 GMT
server: AmazonS3
etag: W/"5b77cd0a889694a63bdf25ce8442cbc2"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 3ffb13e241e8dbb5fae5970714d1a1f09ae08cb0dc925c29028c32cf62610706
x-amz-cf-id: EFscchTvdAHGk2SHC_WfUAbfgRkhn3hZRu8OHGowNQqFsd3RaWQRIA==

GET
H2 200 QMAX_weihnachtsgeschichten.net.js Show response
storage.googleapis.com/adtags/wm/async/ 16 KB
5 KB 126ms
67ms Script
application/javascript 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c9b5378b42fb210ba18bc1c6879c3deb075cd6c0a50f4ce42b703cddece693e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
content-encoding: gzip
x-goog-meta-accept-encoding: gzip
age: 0
x-guploader-uploadid: ADPycds9psbHH7b4-szYa_5Enz7nrkHXWA7kN7U_xGTsEsSbutcAC8643roN-Ic5I_4SaTEQ_PX62JYoSm3-9Iqoz2PacpYSSXk0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4381
last-modified: Fri, 11 Nov 2022 09:42:47 GMT
server: UploadServer
etag: "c1a2081303347c83c86bdc30dc802c8c"
x-goog-generation: 1668159767743880
x-goog-hash: crc32c=djEJCw==, md5=waIIEwM0fIPIa9ww3IAsjA==
content-type: application/javascript
cache-control: no-cache,no-transform
x-goog-stored-content-length: 4381
accept-ranges: bytes
expires: Wed, 10 Apr 2024 19:49:31 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 65ms
7ms Script
text/javascript 88.221.169.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date: Tue, 11 Apr 2023 19:49:31 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id: HNCSKCWQWXG97WK0
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3391
x-amz-id-2: IV/iLOAQ+TdvPm0JAyzhJQxobzxqmSyx3tgyvedXApyIuggDD79cfSq/MxhZLcL446xj8+GKrkw=

GET
H3 200 weihnachtsgeschichten.jpg
www.weihnachtsgeschichten.net/thumbs/weihnachtsgeschichten/ 70 KB
70 KB 93ms
92ms Image
image/jpeg 2606:4700:3033::ac43:d65c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.weihnachtsgeschichten.net/thumbs/weihnachtsgeschichten/weihnachtsgeschichten.jpg
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d65c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c68a81ddc0974891cf786f43ef55c340db91f3d5a63ec49c508143232e4ce654

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
cf-cache-status: MISS
last-modified: Wed, 13 May 2020 10:30:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5ebbcc5a-11770"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZuPEAbpPTCfAc7AYOWK83gOPHaCUakU%2BCo9IsosZN8gqnxuLTgGzIZ4BDVbJXTSobepNm8d7dZEKRsRMYCO1QERHVMaiFBgv2fd1LWZ6BGAsEt3nUj4XZJLEfejslJVQmqHZqTaVzss1%2FEg%2FeNP9nApN7WlJ4udzGsMhlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b65c0d78d07b8a6-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71536

GET
H2 200 lashv0bg.js Show response
ad4m.at/ 30 KB
12 KB 74ms
30ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/lashv0bg.js
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d37935b6db3df045121d4fa638b598e7e4f0a71f16d4e533b26e8d26732d5d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:47:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16850
etag: W/"6b6da2a8a7d8afe3ec2af42a0c51bb6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LSF1ShhJPidBvtZqZbhYqktp72T7%2FREECZJ7unHYQhlF73oSiaSFKbVrT6YeqqHI2mxB5lyDnRQqvsHawG2dcWJffXdcygt1PBeXJV7MYB%2FOnJo3M341TjrKYz0%2Fm5HSetVxio%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7b65c0d7ce5bb7f7-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 11 Apr 2023 13:52:22 GMT

GET
H2 200 tag Show response
a.teads.tv/page/138650/ 734 B
796 B 270ms
212ms Script
application/javascript 88.221.169.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/138650/tag
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dee9a8f74f792db0d00d4692419aba18da305d4e64a259d3f00fec5710b41b4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 454
expires: Tue, 11 Apr 2023 20:49:31 GMT

GET
H2 200 player_api Show response
www.youtube.com/ 992 B
2 KB 73ms
32ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d12edf79a333c20b2ffdc2abfa2168c88d6105e2073cce1bee3b962191ea38f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 11 Apr 2023 19:49:31 GMT

GET
H3 200 3c9a73e8f2a1098493c2a19f040eaa45.js Show response
www.weihnachtsgeschichten.net/js/ 164 KB
54 KB 80ms
79ms Script
application/javascript 2606:4700:3033::ac43:d65c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weihnachtsgeschichten.net/js/3c9a73e8f2a1098493c2a19f040eaa45.js
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d65c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2b48eeb2d8be46e58fb71e59f7cf42be331a1bb07b1eb23b512b967e12a7ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 18 Nov 2022 10:37:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6377606e-291aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utuZoQov6AjdDS%2FMzzujQdswb%2B6iPKaN53KEi7%2FABvabTWS7w5cd0QyDuCjSkVkmK7%2Fl86hgw8kpc3sProh4xHvkEmuB1B4kq92O3QVTbZEo0UcHvDyN1Pjx%2FL4X1ctg6MB5PSBvNNnEddOxw3x0L%2Bdewz0%2BhKqpnbQcFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7b65c0d78d01b8a6-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 t.js Show response
www.weihnachtsgeschichten.net/js/ 11 KB
5 KB 54ms
52ms Script
application/javascript 2606:4700:3033::ac43:d65c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weihnachtsgeschichten.net/js/t.js
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d65c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a55c314c1488fe74cf731441adccf2f398ebba43450d0ba90733f33e55a1735

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 03 Apr 2020 12:30:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5e872c4b-2beb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNyu3Z6aqirFhQ9IfTiDs4oWMwNqk%2Fn6bvPVOv35j2Uc%2FlncBRZAUHFvGrABkIUINKrS9iZeDJ2vIfQg2FPgeEoYCjXxxCJJS1dIA1u2SVc7cinYXSKtO3HvT7xfOURy1KIugWnPb1rfnysQuGCD8YTnI8%2B872PdBNgqHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7b65c0d78d05b8a6-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 glyphicons-halflings-white.png
www.weihnachtsgeschichten.net/img/ 9 KB
9 KB 55ms
55ms Image
image/png 2606:4700:3033::ac43:d65c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.weihnachtsgeschichten.net/img/glyphicons-halflings-white.png
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/css/b9a6700f23b0344ef774c64401819649.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d65c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/css/b9a6700f23b0344ef774c64401819649.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
cf-cache-status: MISS
last-modified: Mon, 12 Aug 2019 12:41:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d515e8c-2249"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kC%2FQWdxotvF9AGS5097bzcRD8CMhgmqnZuXdcDwgvzSPTLkJmNLSKT3vetAR0ymwvAGiwl%2Bz3xX0gP2t%2FXKd89QQ8ZZ73vjXtKtoc2Bh8qjU6ct7Fx8gnUYTfbh308nlvtZb0Hjmv0ineI4c%2FjT3xVL3Z9neFYvhQRhtnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7b65c0d78d0db8a6-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8777
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
352 B 295ms
253ms XHR
text/plain 95.101.201.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_14881&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.201.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-201-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 19:49:31 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://www.weihnachtsgeschichten.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Tue, 11 Apr 2023 19:49:31 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/7da8dd3e/www-widgetapi.vflset/ 184 KB
62 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7da8dd3e/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9d5d388649117caf4229e65edbf884be9f45e78259fb042e60ad1c112612b9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:43:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 370
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63230
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 00:15:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 10 Apr 2024 19:43:21 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 163 KB
58 KB 197ms
94ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/js/3c9a73e8f2a1098493c2a19f040eaa45.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8b54cb0cf73d15e576a970b9ff7ccd7c9b64024866676f36e23bc4ee3160bd28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 11 Apr 2023 12:29:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6435286c-e459"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58457
expires: Tue, 11 Apr 2023 20:49:31 GMT

GET
H3 200 star-on.png
www.weihnachtsgeschichten.net/img/ 1 KB
2 KB 45ms
44ms Image
image/png 2606:4700:3033::ac43:d65c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.weihnachtsgeschichten.net/img/star-on.png
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d65c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88233ad1abcd2282b53edb9465a6bef42fd32de319f014e4059353e4fd8a7e0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
cf-cache-status: MISS
last-modified: Mon, 12 Aug 2019 12:41:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d515e8c-407"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0Y3cfdnRtBzmU0Ga1US7V79OPGNbhBDDc294dHf%2FLeTnYaCGgUfIZO2dM%2Fh6a1DW9AoON%2FIbc4WLAsX7h%2FU%2FQ7%2BOmDS%2BZ9V3xf%2F1X1WDcOzrCatb7hyi%2BMyFv6OSTV00gWb2PN1Qx6ZrnKWyhWTFtpPuWhBbNltgAPKzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7b65c0d85e16b8a6-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1031
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 star-off.png
www.weihnachtsgeschichten.net/img/ 930 B
1 KB 53ms
52ms Image
image/png 2606:4700:3033::ac43:d65c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.weihnachtsgeschichten.net/img/star-off.png
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d65c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf9b07584547d5d561dfac9cdbf7b6a530cb72a1b7a1096411966036c4017d38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
cf-cache-status: MISS
last-modified: Mon, 12 Aug 2019 12:41:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d515e8c-3a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7B6QzHDl7mK%2B5YI2vwlXJtLYQE4cW9biURaaKPX0vvPXFRzC6hxaL1P9fpr1M5e1lDXOQTQEsd1Q8KWwg59NG5x6e7%2BNX%2FjfZ51bKTdaDT4Rl76ehwdVK3%2BnXgHK74uLrtL5TRv4VUmgFZbO5rYSr%2FP77eokeTL0DMPXBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7b65c0d85e17b8a6-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 930
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 star-half.png
www.weihnachtsgeschichten.net/img/ 958 B
1 KB 49ms
49ms Image
image/png 2606:4700:3033::ac43:d65c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.weihnachtsgeschichten.net/img/star-half.png
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d65c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 808ffaeee4006e4930f89f5dcf46f603eb173ecc365b8f3df2b822bb6747c0b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
cf-cache-status: MISS
last-modified: Mon, 12 Aug 2019 12:41:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5d515e8c-3be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpOdQap%2F8bj0C0u%2F81VZnaTFn%2F6nwT6VRhzF60t5QYkt3w%2FTtlP%2B8XZQ0WWQ9fSsOei0v%2FR3E9YdeMXscrLUbweE39bGoRsUvgDTVNzfUuwem8PVwgFtTF8tU7boj7fR5z%2FerP8l1Kmc0lf%2Bny3avOzTFOg3rWQpy1r84A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7b65c0d85e19b8a6-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 958
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 131ms
83ms Fetch
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true

Requested by

Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5123c1a40493444a739a3b0ac6da67ed7610b3b668a1397cecbeab3cb2fc215b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47863
x-xss-protection: 0
server: cafe
etag: 11434308888208441983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 19:49:31 GMT

GET
H3 200 ad350.sWpf_Vy5OUVMJ4.gif
www.weihnachtsgeschichten.net/image/ 0
473 B 108ms
108ms Image
image/gif 2606:4700:3033::ac43:d65c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.weihnachtsgeschichten.net/image/ad350.sWpf_Vy5OUVMJ4.gif
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d65c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5cLccDjk6ImIYK3wuO2QNMfm2aLxjtg3pKU1fFELntAKZXkJ0HXHiXe0bHN3WlepDGiASnz%2BJjDv3TD00MURIvp0XQWklqsN%2FX299gDSBt6QLRfIuX5umOooUrzTIBtz83zV6mmVQLi0v7p0VQUWA2jGKTd%2BDqsleafOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 7b65c0d87e4ab8a6-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK cmp.php Show response
b.delivery.consentmanager.net/delivery/ 5 KB
2 KB 81ms
26ms Script
application/javascript 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://b.delivery.consentmanager.net/delivery/cmp.php?cdid=6acd85cf399d&h=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&&__cmpfcc=1&l=en&o=1681242571587

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 Bergisch Gladbach, Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

20bc5468098ed5c93740df61828db61260fa90cfb749a155ec02499786d5fd3a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 19:49:31 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Apr 2023 19:49:31 GMT
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 cmp_en.min.js Show response
cdn.consentmanager.net/delivery/js/ 484 KB
99 KB 114ms
22ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.net/delivery/js/cmp_en.min.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

68fcb61a8ac3a8cf22c7d9878462bdd7d18d0ce93d9b18e5b5013db8a1e3e0c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 11 Apr 2023 19:49:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 1145
x-77-nzt: AcO1rgUtqBT/eQQAAA
x-accel-expires: @1681243226
last-modified: Mon, 03 Apr 2023 16:02:54 GMT
server: CDN77-Turbo
etag: W/"642af8ae-78ea9"
x-77-nzt-ray: 25b02131d2f6467ecbb93564fb679c28
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800, public
access-control-max-age: 1000

GET
H2 200 frame.html Show response
ad4m.at/ Frame 80C1 2 KB
1 KB 31ms
26ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/lashv0bg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://www.weihnachtsgeschichten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1641088
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7b65c0d8bfc3b7f7-AMS
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 11 Apr 2023 19:49:31 GMT
expires: Mon, 27 Feb 2023 21:37:06 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdCP0NfiMUvnCHIQcoiPN3DECE5fvEL3Na45MrqoJypU%2By%2FpFRRxjSicvYyfVeuo1rWHxly0Og0nwSHLMW6Z16Ig7Z1qtWnLB4hIGpwAfHyM8iSdwBFHTV9ibqVNl0dL0Dt3HAM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ 473 B
868 B 36ms
35ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/lashv0bg.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41637486966b424136dc0e3a8a99778ff87343d67ebc83abbd49c2677d88bad1

Request headers

Referer: https://www.weihnachtsgeschichten.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjiN8RFLl5GXNCPxG%2FvHjiNan1tVtgYjlHkjz227f7imTXg7bUEGWACW3AmfnYPperU3E3ESwIAZlXrXDeSpzZLwhfhBxXDpZ9R%2F1%2Fx0wpIcpFG4n70MzEfTRoQ%2FmIoXfErZNqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://www.weihnachtsgeschichten.net
access-control-allow-credentials: true
cf-ray: 7b65c0d96e620a60-AMS
x-backend-server: aa-reachservice-group-europe-west1-8rlm
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bV8xLndfNTUzMjUuZF8xOTU5Ni54XzI2LnYucC50XzE5NTk2Lnh0XzI2.js Show response
cdn.consentmanager.net/delivery/customdata/ 50 KB
11 KB 118ms
112ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.net/delivery/customdata/bV8xLndfNTUzMjUuZF8xOTU5Ni54XzI2LnYucC50XzE5NTk2Lnh0XzI2.js

Requested by

Host: b.delivery.consentmanager.net
URL: https://b.delivery.consentmanager.net/delivery/cmp.php?cdid=6acd85cf399d&h=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&&__cmpfcc=1&l=en&o=1681242571587

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

df26487b1ed2e48ac926acab48ce3ab66aff77772db93b5e93c337ab7046d282

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 11 Apr 2023 19:49:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-cache: EXPIRED
x-77-cache: MISS
x-age: 32424
x-xss-protection: 0
x-77-nzt: AcO1rgXSWKfLqH4AAA
x-accel-expires: @1681244371
last-modified: Tue, 11 Apr 2023 19:49:31 GMT
server: CDN77-Turbo
x-77-nzt-ray: 25b02131d2f6467ecbb9356491d91829
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *, *
cache-control: public, max-age=1800
access-control-max-age: 1000
expires: Tue, 11 Apr 2023 20:19:31 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 59ms
41ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.weihnachtsgeschichten.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://www.weihnachtsgeschichten.net
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b65c0d91df30a60-AMS
content-length: 24
content-type: text/plain
date: Tue, 11 Apr 2023 19:49:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ElEFSac23FnI0YhclNHNTu8LPI0y57LN3MUcnRB2d64WwayWCSum9P92ctuTCBIdUqLbmvNRFPu2cs0ZuU5as%2F9CP4LfHGsP6GBfhZ9sdwNfBiBGAgusLJKhFYuBObH2f%2Furek%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-8rlm

GET
H/1.1 200
OK cookie Show response
www.tisoomi-services.com/ 68 B
276 B 96ms
26ms Script
image/png 136.243.25.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tisoomi-services.com/cookie
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/js/t.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.25.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: api.addefend.com
Software: envoy /
Resource Hash: 53b14a22cd3dc973d6cb1a381d01fafafc4da1632bacbf15f7fac0014fbe70c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 19:49:31 GMT
Cache-Control: no-cache, private
X-Envoy-Upstream-Service-Time: 9
Server: envoy
Connection: keep-alive
Content-Length: 68
Content-Type: image/png

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 596 KB
131 KB 7ms
7ms Script
text/javascript 88.221.169.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/138650/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 948eb970a25988ba04a01d5bf9b2d3851a4161541e03251ffba8cb86f93423ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
content-encoding: br
last-modified: Tue, 11 Apr 2023 15:46:56 GMT
x-amz-request-id: VKV1GJVB9J9K36G7
etag: "47faecf8d8ec157f94bb99f3db6ff480"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 1
accept-ranges: bytes
content-length: 133167
x-amz-id-2: IYoYuqQBrvM4lefOhHjPcjtwRYK0pLEoT9uH+mGVCdVhYhdKaMI5h7VvqvK86TpXssGA5bdWU0Q=
expires: Tue, 11 Apr 2023 20:19:31 GMT

GET
H2 200 track
t.teads.tv/ 23 B
113 B 284ms
240ms Image
image/gif 2.19.229.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=33045837-47cc-490b-99dd-fc6ba84a516a&pageId=138650&pid=152138&debug_metadata=mOklndxG2u&fv=1168&ts=1681242571776&f=1&referer=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.28 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 398ms
353ms Image
image/gif 2.19.229.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=33045837-47cc-490b-99dd-fc6ba84a516a&pageId=138650&pid=152138&slot=polymorph&fv=1168&ts=1681242571782&f=1&referer=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.28 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 11 Apr 2023 19:49:32 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 86C0 7 KB
4 KB 52ms
36ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=327780%2C196438%2C334900&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CW5jhrfdfZBpwcYH5Hjtxtrd3t3Swt7es2%2CxJGtQfAfZEKZsPHdHztQtmXEes7S4tRXaA&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2C5WdTXfEfWjQZupH7HMtkCb95fYSktARF1%2CY36crf3f75M7UVH9HetgC6253tkSWt5zcr&c=300&d=250&e=&g=b3f7d4c962ec62f632f9f046c52336ac%2F16820318978439459202&i=22886%2C25174%2C71169&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1681242571756&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/lashv0bg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc5df900bc78feeee291153dc5df5f371ca6f697da0949af1d00c2370953bfbc

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weihnachtsgeschichten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b65c0d9e978b7f7-AMS
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 19:49:31 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 453ZFWQ5c1IBrWNLF32hG9bmJM6jMl4.gif
www.weihnachtsgeschichten.net/image/124257180075/ 0
474 B 120ms
119ms Image
image/gif 2606:4700:3033::ac43:d65c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.weihnachtsgeschichten.net/image/124257180075/453ZFWQ5c1IBrWNLF32hG9bmJM6jMl4.gif
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:d65c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teOs3knfO3CEXFIVBdno5Nx10lgjAEluPBMenVRXzfwL3zJh8QJVMuB%2BGpr7578iTsSb9WTmoe%2Ba4ysyIGvMCc3MMpsaesynNyi%2F2wekG5vhdxyRiatW1LhI2l%2FCErZcfnCEi4%2FBhvqGDVIka2ohRKuh0wUNCovirlRstw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 7b65c0d9c88fb8a6-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9970.K1EPGRGicadza_iQlxIphbNfD9CeK74LDINe-a-UrMiOR0drVJ6opxLryJplW-jq.bV8CdefRIi23CpXCRSR7YuGB6LY%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9970.1jEBtvp16wERK3pLE05K9UCYniYHxPL2HWqpdlgr_AcF3HO6M4eyAV25oHSZgjGD30hkQauvhNrYtikY7zvAMeCYC_yl-rvydnlq4AuDy-I%2C.fgLv3MybxNJXLsUSEMyLrCgeoR8%2C

43 B
91 B

52ms
52ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9970.1jEBtvp16wERK3pLE05K9UCYniYHxPL2HWqpdlgr_AcF3HO6M4eyAV25oHSZgjGD30hkQauvhNrYtikY7zvAMeCYC_yl-rvydnlq4AuDy-I%2C.fgLv3MybxNJXLsUSEMyLrCgeoR8%2C

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9970.1jEBtvp16wERK3pLE05K9UCYniYHxPL2HWqpdlgr_AcF3HO6M4eyAV25oHSZgjGD30hkQauvhNrYtikY7zvAMeCYC_yl-rvydnlq4AuDy-I%2C.fgLv3MybxNJXLsUSEMyLrCgeoR8%2C
date: Tue, 11 Apr 2023 19:49:31 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
113 B 49ms
48ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 11 Apr 2023 12:29:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6435286c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 11 Apr 2023 20:49:31 GMT

GET
H2 200 crossdomain.html Show response
cdn.consentmanager.net/delivery/ Frame 7C3F 2 KB
1 KB 17ms
13ms Document
text/html 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.net/delivery/crossdomain.html

Requested by

Host: cdn.consentmanager.net
URL: https://cdn.consentmanager.net/delivery/js/cmp_en.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

2b15114adb679270e25e0d47ca2d8ee278701c0a23d815ebcbbd0a4630211873

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.weihnachtsgeschichten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: *
access-control-max-age: 1000
content-encoding: gzip
content-type: text/html
date: Tue, 11 Apr 2023 19:49:31 GMT
etag: W/"6335ff4d-83b"
last-modified: Thu, 29 Sep 2022 20:25:49 GMT
server: CDN77-Turbo
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-77-cache: HIT
x-77-nzt: AcO1rgXv7wf/pQkAAA
x-77-nzt-ray: 25b02131d2f6467ecbb935649aa9a732
x-77-pop: frankfurtDE
x-accel-expires: @1681243702
x-age: 2469
x-cache: HIT
x-content-type-options: nosniff

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 86C0 94 KB
12 KB 37ms
29ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C196438%2C334900&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CW5jhrfdfZBpwcYH5Hjtxtrd3t3Swt7es2%2CxJGtQfAfZEKZsPHdHztQtmXEes7S4tRXaA&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2C5WdTXfEfWjQZupH7HMtkCb95fYSktARF1%2CY36crf3f75M7UVH9HetgC6253tkSWt5zcr&c=300&d=250&e=&g=b3f7d4c962ec62f632f9f046c52336ac%2F16820318978439459202&i=22886%2C25174%2C71169&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1681242571756&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=327780%2C196438%2C334900&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CW5jhrfdfZBpwcYH5Hjtxtrd3t3Swt7es2%2CxJGtQfAfZEKZsPHdHztQtmXEes7S4tRXaA&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2C5WdTXfEfWjQZupH7HMtkCb95fYSktARF1%2CY36crf3f75M7UVH9HetgC6253tkSWt5zcr&c=300&d=250&e=&g=b3f7d4c962ec62f632f9f046c52336ac%2F16820318978439459202&i=22886%2C25174%2C71169&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1681242571756&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1681210094
age: 31490
cf-polished: origSize=96968
x-guploader-uploadid: ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 11 Apr 2023 10:48:50 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1681210130860508
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xD2BqJf0htabE32VSbVGJ2Ukxb1mWcA9JjCrEKzoMibWQ9M0m0%2FXHWFWn0j%2BtQK%2Fvhd1KCLOL22IB8629OW8Hcu0vP16LW6L8UUF5tuVi0iau3JWacCLdGYUn9fiOBIJAGp8gPRarGo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7b65c0da3fb30a48-AMS
expires: Tue, 11 Apr 2023 20:49:31 GMT

GET
H2 200 521816B122764001ADB70A517984F37BFF9BF6A673BABF5D86AB411E7DB29F110A1EE88B26C2C779693C09EA30E537FC99BF58A2C05EC7C7FC76B7121E2F0D23
assets.ad4m.at/logo/ Frame 86C0 3 KB
4 KB 51ms
25ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/521816B122764001ADB70A517984F37BFF9BF6A673BABF5D86AB411E7DB29F110A1EE88B26C2C779693C09EA30E537FC99BF58A2C05EC7C7FC76B7121E2F0D23
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C196438%2C334900&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CW5jhrfdfZBpwcYH5Hjtxtrd3t3Swt7es2%2CxJGtQfAfZEKZsPHdHztQtmXEes7S4tRXaA&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2C5WdTXfEfWjQZupH7HMtkCb95fYSktARF1%2CY36crf3f75M7UVH9HetgC6253tkSWt5zcr&c=300&d=250&e=&g=b3f7d4c962ec62f632f9f046c52336ac%2F16820318978439459202&i=22886%2C25174%2C71169&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1681242571756&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0563b45e7f8099573475a80a342c9e71a371e453ae363335dcee0987ce087655

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1198232
cf-polished: origFmt=png, origSize=12409
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3270
cf-bgj: imgq:85,h2pri
last-modified: Fri, 18 Nov 2022 09:42:26 GMT
server: cloudflare
etag: "66b1eff8bdbba24886f7b1fc8575650c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IgB7XfreexjUqLXOtY%2FJ1Brnuovma2O8f8eniggFwAUymztyTFDtWA5gKxy%2BswNmDQcqqYuXIzhqa%2BtT9eZyJWM%2FZcSGAcQL23K6E66lqj7I3%2BmGbPm3TmOpBk%2BVMUACSmyiPbcw%2FqSB8Ji"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b65c0da5a2eb7f7-AMS
expires: Wed, 12 Apr 2023 19:49:31 GMT

GET
H2 200 069D6AC8048C845ED241E4D08FED5C8BF19DF09CD5D31CEFFF7C284512B39110035A45A716C9107E61A08153C69FFB45D9A6249AF8BFA59770C31521FB495CCB
assets.ad4m.at/product_image/ Frame 86C0 382 KB
383 KB 64ms
41ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/069D6AC8048C845ED241E4D08FED5C8BF19DF09CD5D31CEFFF7C284512B39110035A45A716C9107E61A08153C69FFB45D9A6249AF8BFA59770C31521FB495CCB
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C196438%2C334900&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CW5jhrfdfZBpwcYH5Hjtxtrd3t3Swt7es2%2CxJGtQfAfZEKZsPHdHztQtmXEes7S4tRXaA&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2C5WdTXfEfWjQZupH7HMtkCb95fYSktARF1%2CY36crf3f75M7UVH9HetgC6253tkSWt5zcr&c=300&d=250&e=&g=b3f7d4c962ec62f632f9f046c52336ac%2F16820318978439459202&i=22886%2C25174%2C71169&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1681242571756&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49552a1b265626ae43788c7a552f0e83b2a60c3b80a03f0a3ac5d897e19e5a4f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1480984
cf-polished: origFmt=png, origSize=567269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 391308
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Dec 2022 15:02:50 GMT
server: cloudflare
etag: "364fb0bbdd277cfa57c3290ca877647c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKXeleI9Tv0e0F5vfGrITI%2FV4BU7WStHtR0iWH0PWuqdNwNZVCc6iAs4Nv8HTH9VK51sdm8U%2FC2M4GiNRZCwlTZFz7AY7zaqc9wGX0EtyQW%2BAlCPtGNXF%2FkeiVwAa17zl4Yym%2FSdk1yq1oG7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b65c0da5a2fb7f7-AMS
expires: Wed, 12 Apr 2023 19:49:31 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 86C0 43 B
705 B 481ms
394ms Image
image/gif 104.74.96.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3254070&v=14598&q=371862&r=412863&pv=1&pref3=oneidAjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9oneid__weihnachtsgeschichten_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C196438%2C334900&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CW5jhrfdfZBpwcYH5Hjtxtrd3t3Swt7es2%2CxJGtQfAfZEKZsPHdHztQtmXEes7S4tRXaA&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2C5WdTXfEfWjQZupH7HMtkCb95fYSktARF1%2CY36crf3f75M7UVH9HetgC6253tkSWt5zcr&c=300&d=250&e=&g=b3f7d4c962ec62f632f9f046c52336ac%2F16820318978439459202&i=22886%2C25174%2C71169&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1681242571756&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.74.96.163 Paris, France, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-74-96-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 19:49:32 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 86C0 8 KB
9 KB 65ms
42ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C196438%2C334900&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CW5jhrfdfZBpwcYH5Hjtxtrd3t3Swt7es2%2CxJGtQfAfZEKZsPHdHztQtmXEes7S4tRXaA&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2C5WdTXfEfWjQZupH7HMtkCb95fYSktARF1%2CY36crf3f75M7UVH9HetgC6253tkSWt5zcr&c=300&d=250&e=&g=b3f7d4c962ec62f632f9f046c52336ac%2F16820318978439459202&i=22886%2C25174%2C71169&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1681242571756&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 864656
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlpO9Sjh8OahQ%2BnIdCcwWxWX6TbJDj5J58QkipJQg%2FnSPMCt4%2FBBRQUsUCW6qcI90xrcDg%2B5nI27MmpgZqvoEis4dRvGOkovUHuaUncQzKxzoUOpKymYsqaUMztib%2FF1R0XYpugI4hm6HKXl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b65c0da5a2db7f7-AMS
expires: Wed, 12 Apr 2023 19:49:31 GMT

GET
H2 200 18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
assets.ad4m.at/product_image/ Frame 86C0 395 KB
396 KB 65ms
42ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C196438%2C334900&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CW5jhrfdfZBpwcYH5Hjtxtrd3t3Swt7es2%2CxJGtQfAfZEKZsPHdHztQtmXEes7S4tRXaA&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2C5WdTXfEfWjQZupH7HMtkCb95fYSktARF1%2CY36crf3f75M7UVH9HetgC6253tkSWt5zcr&c=300&d=250&e=&g=b3f7d4c962ec62f632f9f046c52336ac%2F16820318978439459202&i=22886%2C25174%2C71169&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1681242571756&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2423911bd053d28baf9c0b4e448ee661ee4ff0be96c829cc52169eb6bee65d80

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158085
cf-polished: origSize=451997, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 404777
cf-bgj: imgq:85,h2pri
last-modified: Tue, 14 Jun 2022 08:21:28 GMT
server: cloudflare
etag: "7dada3f3f6321a7ee4badc53b11da1f3"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHQhHESH8nHvamI3b5lFRRCpbZQmq7TxlWxRCBjv0I9JQoJAMVBEXwulAs4nF1qGgTgiXOrM5enQL%2F2we5EqjAXL9WmxwzWYaB7baq3JwrZ0aIm7x2Ky%2B0YeosDko0n5DxVRV1Zgsv4rzW4b"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b65c0da5a30b7f7-AMS
expires: Wed, 12 Apr 2023 19:49:31 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 86C0
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=COrin9LMov4CFdkZ4Aodgx0FZw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidW5jhrfdfZBpwcYH5Hjtxtrd3t3Swt7es2oneid__weihnachtsgeschichten_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1681242572_fa72b870-d8a1-11ed-b00f-2238801674a3

0
550 B

95ms
18ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1681242572_fa72b870-d8a1-11ed-b00f-2238801674a3
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C196438%2C334900&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CW5jhrfdfZBpwcYH5Hjtxtrd3t3Swt7es2%2CxJGtQfAfZEKZsPHdHztQtmXEes7S4tRXaA&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2C5WdTXfEfWjQZupH7HMtkCb95fYSktARF1%2CY36crf3f75M7UVH9HetgC6253tkSWt5zcr&c=300&d=250&e=&g=b3f7d4c962ec62f632f9f046c52336ac%2F16820318978439459202&i=22886%2C25174%2C71169&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1681242571756&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 19:49:31 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Tue, 11 Apr 2023 19:49:32 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1681242572_fa72b870-d8a1-11ed-b00f-2238801674a3
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 D9EFC638AB289FD3D613E62A9DFD75CE8E20732069648E61558E2E1618A61987E42C6E6DCDBB4E685D6BCAF14D92013461EDB50A182F0415875ECFFCE3F1CE51
assets.ad4m.at/logo/ Frame 86C0 3 KB
3 KB 64ms
41ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D9EFC638AB289FD3D613E62A9DFD75CE8E20732069648E61558E2E1618A61987E42C6E6DCDBB4E685D6BCAF14D92013461EDB50A182F0415875ECFFCE3F1CE51
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C196438%2C334900&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CW5jhrfdfZBpwcYH5Hjtxtrd3t3Swt7es2%2CxJGtQfAfZEKZsPHdHztQtmXEes7S4tRXaA&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2C5WdTXfEfWjQZupH7HMtkCb95fYSktARF1%2CY36crf3f75M7UVH9HetgC6253tkSWt5zcr&c=300&d=250&e=&g=b3f7d4c962ec62f632f9f046c52336ac%2F16820318978439459202&i=22886%2C25174%2C71169&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1681242571756&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bedb4ceb0ab2b64b12fd004b32aa7adb261cf8d79940c84c855282ad6831de9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1643350
cf-polished: origFmt=png, origSize=11091
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2750
cf-bgj: imgq:85,h2pri
last-modified: Thu, 01 Sep 2022 15:02:21 GMT
server: cloudflare
etag: "6495fc997cf37b2c4517195f94b907cb"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pp2HUIBBho6AAINbOxMOFkHAUpf0DNdH1hBL0hhnzym%2BJTmi6YGWOB%2Fjkhtj%2BDdJuW9ej%2FGy7mHIDDWDx77ZHrVXr1aFzKJhuS0NwlwGAGPyLwWsUAJnPg9X2m3G9JkYhhqL31BnxnmLgMVA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b65c0da5a33b7f7-AMS
expires: Wed, 12 Apr 2023 19:49:31 GMT

GET
H2 200 F06860590ABD7E29C8D15D7AC861DD4FC870CCCFF7A9035374E7C69520BBF6AA4ECF92FEA502BDFFC0EC02109F12EC7DE515CB6D7937AD38B370DC19E03680C9
assets.ad4m.at/product_image/ Frame 86C0 133 KB
133 KB 48ms
25ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F06860590ABD7E29C8D15D7AC861DD4FC870CCCFF7A9035374E7C69520BBF6AA4ECF92FEA502BDFFC0EC02109F12EC7DE515CB6D7937AD38B370DC19E03680C9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C196438%2C334900&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CW5jhrfdfZBpwcYH5Hjtxtrd3t3Swt7es2%2CxJGtQfAfZEKZsPHdHztQtmXEes7S4tRXaA&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2C5WdTXfEfWjQZupH7HMtkCb95fYSktARF1%2CY36crf3f75M7UVH9HetgC6253tkSWt5zcr&c=300&d=250&e=&g=b3f7d4c962ec62f632f9f046c52336ac%2F16820318978439459202&i=22886%2C25174%2C71169&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1681242571756&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bcc9d482e8dd462455df2b5a21d8918d7e9701ccecc7e79fcdaa23b6eedc809

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1579359
cf-polished: origFmt=png, origSize=271783
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 135710
cf-bgj: imgq:85,h2pri
last-modified: Fri, 27 Jan 2023 12:53:28 GMT
server: cloudflare
etag: "ee621587f32018ed51382f037ebd6ed7"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzLmHmVoFOd9QKZco0q%2BWhqJ98yWMIW%2BKRc6QUALZossFzuMPjs1ihByGBK3DTfyVsNLRabXpTzJWwsPv%2FNIBr2LQPnGg4sKqG0Kad2TiHV5kn8jd2%2F1hODWqCqakXxVFXzuCXF4VZCWACx%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7b65c0da5a31b7f7-AMS
expires: Wed, 12 Apr 2023 19:49:31 GMT

GET
H2 200 qbug.js Show response
storage.googleapis.com/customscripts/ 3 KB
3 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/customscripts/qbug.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e85425bd2e6b2f9e6214b358fe34dc87bb42551bbf11f253e96583c086d4f143

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:10:24 GMT
age: 2347
x-guploader-uploadid: ADPycdt5dK7JB85NKRFPW3YVxP-Z8Et3btD4pP3bjCFYP6vGWrHvLbrffeeVFcnSGoM-et4956ZERAod8l9jRCj687ohhg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3171
last-modified: Wed, 28 Sep 2022 13:11:35 GMT
server: UploadServer
etag: "ee80dc91df82c7ff8e0362286a3adc98"
x-goog-generation: 1664370695347746
x-goog-hash: crc32c=2gPTNg==, md5=7oDckd+Cx/+OA2IoajrcmA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 3171
accept-ranges: bytes
expires: Tue, 11 Apr 2023 20:10:24 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/925b4fd4-a51e-4daa-a4dc-0bc3fa9e7208/ 50 KB
16 KB 72ms
11ms Script
text/javascript 65.9.66.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/925b4fd4-a51e-4daa-a4dc-0bc3fa9e7208/tag.min.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-22.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec3f85924617eeebdbd208b1dc4fd4b521c505e7d4235705ef0d9db7f78c05dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 22:34:49 GMT
x-amz-version-id: XxDcRFOzHA0lasL5ZBkLZNq4IqLJfNWe
content-encoding: gzip
last-modified: Wed, 15 Mar 2023 09:46:32 GMT
server: AmazonS3
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
etag: W/"7721f1d7c10a96f6f4829e5d937be6a6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 76484
x-amz-cf-id: SO_GeLFPQjaQJ-tkI5DnxYxhYmGO-_v3pluzoqCsED1yBkoNTN5Qdw==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 224 KB
55 KB 85ms
22ms Script
application/javascript 18.66.202.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.202.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-202-223.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5056f93d2315caf4c9d3a9c6a47f7b7ecbb29d2544909b9b1f296f6ab17e6b29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:14:21 GMT
content-encoding: gzip
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront), 1.1 d21c7dc6bfb9c2f00dc62b8a7281a898.cloudfront.net (CloudFront)
last-modified: Wed, 05 Apr 2023 20:18:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, MXP63-P1
age: 2112
x-amz-server-side-encryption: AES256
etag: W/"f3bdba5d8011fb0ade3d89050f53abe7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: TKI_RNiosvMbtYPBpoQ1r2u0L_GucM4j1R1s1a19nVOlVMtSNocsag==

GET
H2 200 publishertag.standalone.js Show response
static.criteo.net/js/ld/ 93 KB
31 KB 513ms
255ms Script
text/javascript 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.standalone.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

3f73768613f925c342c620a9bcd75ed2c122048a54f092fae9fb73d7caff460e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-17514"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 12 Apr 2023 19:49:32 GMT

GET
H2 200 default.js Show response
ups.xplosion.de/loader/10775/ 867 B
1 KB 123ms
34ms Script
text/javascript 34.243.91.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ups.xplosion.de/loader/10775/default.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.91.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-91-200.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d5f4c5bbbc157ab9adf6e30c766bf42de65fd31270c8f1c0dbdcee08816298f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 11 Apr 2023 19:49:32 GMT
cache-control: must-revalidate,no-cache,no-store
content-type: text/javascript
content-length: 867
p3p: CP="NOI DSP COR NID PSAo OUR SAMo BUS"

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 46ms
12ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:31 GMT
content-encoding: gzip
etag: "DUHyBE1e2vdA+NAhXV6BXg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 18 Apr 2023 19:49:31 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 155ms
90ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/adtags/wm/async/QMAX_weihnachtsgeschichten.net.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

356c268e7b85421e964dcaab6acdace018e92b446cd141a20d5d1412afad62a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25621
x-xss-protection: 0
server: cafe
etag: 988 / 19458 / m202304030101 / config-hash: 11483479642786645906
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 19:49:32 GMT

GET
H/1.1 200
OK /
b.delivery.consentmanager.net/delivery/info/ 43 B
353 B 18ms
17ms Image
image/gif 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.delivery.consentmanager.net/delivery/info/?id=55325&did=1&cfdid=1&t=pv.d_ccpans&h=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&o=1681242571911&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=5&dv=26&

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 Bergisch Gladbach, Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 19:49:31 GMT
Last-Modified: Tue, 11 Apr 2023 19:49:31 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 43
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK /
b.delivery.consentmanager.net/delivery/info/ 43 B
353 B 17ms
17ms Image
image/gif 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.delivery.consentmanager.net/delivery/info/?id=55325&did=1&cfdid=1&t=cv&h=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&o=1681242571915&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=5&dv=26&

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 Bergisch Gladbach, Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 19:49:31 GMT
Last-Modified: Tue, 11 Apr 2023 19:49:31 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 43
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK consent.php
b.delivery.consentmanager.net/delivery/ 43 B
1 KB 22ms
22ms Image
image/gif 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.delivery.consentmanager.net/delivery/consent.php?id=55325&p=2&v=1&ccc=aBPqGUH3gAAJAABAAGAAsABoAFwANAAeABGACUAFAAPAAgACHAKeBYEC0QKNAUtgAA&c=CPqDl4APqDl4AAfUtBENC_CgAP_AAH_AAAigJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIAA&l=EN&lv=0&d=1&ct=15&e=&h=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&e2=&e3=&i=&sv=5&dv=26&cookieallowed=1&reg=1&rk=GDPR&usps=1YNN

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 Bergisch Gladbach, Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 19:49:31 GMT
Last-Modified: Tue, 11 Apr 2023 19:49:31 GMT
x-cf: 0
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
x-ct: 2
x-r: GDPR
x-cpc: empty
x-cvc: empty
Content-Length: 43
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 cmplogo.svg
cdn.consentmanager.net/delivery/ 3 KB
2 KB 16ms
16ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.consentmanager.net/delivery/cmplogo.svg

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

3e19865caed6dbd12eacd00501eb4b382a1f0190df9cf2a8373d110bab7a47e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 11 Apr 2023 19:49:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 67888
x-77-nzt: AcO1rgU2xaj/MAkBAA
x-accel-expires: @1681261083
last-modified: Tue, 08 Feb 2022 14:38:46 GMT
server: CDN77-Turbo
etag: W/"62028076-d0f"
x-77-nzt-ray: 25b02131d2f6467ecbb935643e0b0539
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400, public
access-control-max-age: 1000

GET
H2 200 en.gif
cdn.consentmanager.net/delivery/flags/ 384 B
893 B 16ms
16ms Image
image/gif 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.consentmanager.net/delivery/flags/en.gif

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 11 Apr 2023 19:49:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-cache: HIT
x-77-cache: HIT
x-age: 67866
content-length: 384
x-77-nzt: AcO1rgXQ5Db/GgkBAA
x-accel-expires: @1681261105
last-modified: Mon, 14 Jun 2021 21:37:37 GMT
x-accel-version: 0.01
server: CDN77-Turbo
etag: "180-5c4c0aa828a40"
x-77-nzt-ray: 25b02131d2f6467ecbb93564bc6d0d39
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=86400, public
access-control-max-age: 1000
accept-ranges: bytes

POST
H2 200 ad Show response
a.teads.tv/page/138650/ 541 B
855 B 237ms
236ms XHR
application/json 88.221.169.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/138650/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&auctid=33045837-47cc-490b-99dd-fc6ba84a516a&formatVersion=1168&env=js-web&netBw=9.1&ttfb=78
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e8252d0e0e68a3b766fdc139543efe434ec32e77cb40eb123ddcb9b7f5447ed9

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.weihnachtsgeschichten.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 19:49:32 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.weihnachtsgeschichten.net
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 382
expires: Tue, 11 Apr 2023 19:49:32 GMT

GET
H2 429 link.html
track.webgains.com/ Frame 86C0 0
0 113ms
33ms Script
text/html 35.179.69.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3469551&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kz5s7k3g5yn4fscvbzxbqsyq3r4xghww227dfk4246xtgt3g9mmnkqfdt87mgd0qch9jd9wgbhp63g8xprz3wwqn2svyvk958deptg5a4c13emg4aqfhdtyv9r825f9vbyev9wppe5gr87f99d78zn5r2kmqn0jty9erygtr83y2xh3am92yzqw9q6dp5vcsraw9pe66s4efkde4gg5n8fw0entqwphagwr60pgzmgk152qtmktcb6thpe1hk4k68y74p0%26a%3D&clickref=oneidY36crf3f75M7UVH9HetgC6253tkSWt5zcroneid__weihnachtsgeschichten_advancedad_300x250&viewref=oneidxJGtQfAfZEKZsPHdHztQtmXEes7S4tRXaAoneid__weihnachtsgeschichten_advancedad_300x250
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=327780%2C196438%2C334900&b=AjMFYfqfRzEZsAHRH4tktwkzfRSbtjeH9%2CW5jhrfdfZBpwcYH5Hjtxtrd3t3Swt7es2%2CxJGtQfAfZEKZsPHdHztQtmXEes7S4tRXaA&f=M6EfzfrfkEYmaWHEHGtQCxRZFBS9tqmC3%2C5WdTXfEfWjQZupH7HMtkCb95fYSktARF1%2CY36crf3f75M7UVH9HetgC6253tkSWt5zcr&c=300&d=250&e=&g=b3f7d4c962ec62f632f9f046c52336ac%2F16820318978439459202&i=22886%2C25174%2C71169&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=weihnachtsgeschichten_advancedad_300x250&r=1681242571756&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.179.69.18 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-179-69-18.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
968 B 105ms
34ms Fetch
application/json 108.138.189.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/925b4fd4-a51e-4daa-a4dc-0bc3fa9e7208/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.189.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-189-67.mxp64.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:49:06 GMT
via: 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront), 1.1 0506189ffa7e4391aa3f3f82ddb1e396.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6, MXP64-P1
age: 32426
x-amzn-requestid: c319eeaf-0170-417a-b80f-3c31ba0574ef
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: DNYtZGptCYcFl1g=
content-length: 555
x-amz-cf-id: 0b_lWGta5A_ZDd5bZLEgj_ldwYoyfCpbn1pG9JaFfjkpbWBavuswqw==

GET
H2 200 beacon.min.js Show response
signal-beacon.s-onetag.com/ 22 KB
7 KB 78ms
12ms Script
application/javascript 143.204.89.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/925b4fd4-a51e-4daa-a4dc-0bc3fa9e7208/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: h0jfx2_ld0LSppgdK5454e6x8dlC_h3s
content-encoding: gzip
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
date: Tue, 11 Apr 2023 02:17:13 GMT
last-modified: Wed, 01 Mar 2023 12:13:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 63140
x-amz-server-side-encryption: AES256
etag: W/"fd89ceeda84b55780ed4e8f97b752a7a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 2eS8fDlJssjVor8SVXwhVDP1gZnEiMAiGV0eIyysUm9dm_YxQnBTgw==

GET
H2 404 %2F Show response
signal-segments.s-onetag.com/desktop/www.weihnachtsgeschichten.net/ 0
288 B 199ms
145ms Fetch
application/json 108.138.189.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-segments.s-onetag.com/desktop/www.weihnachtsgeschichten.net/%2F
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/925b4fd4-a51e-4daa-a4dc-0bc3fa9e7208/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.189.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-189-65.mxp64.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
via: 1.1 66a3254753daef98131e391b49752390.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
content-length: 0
apigw-requestid: DOn38h3ZCYcEMZA=
x-amz-cf-id: eqxXtK7HYwVyNAHuO4DWfGzifBM-dDoiFKnlnEFQGOgAnq4tTyz-8A==

GET
H2 404 www.weihnachtsgeschichten.net Show response
signal-segments.s-onetag.com/desktop/ 0
285 B 232ms
179ms Fetch
application/json 108.138.189.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-segments.s-onetag.com/desktop/www.weihnachtsgeschichten.net
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/925b4fd4-a51e-4daa-a4dc-0bc3fa9e7208/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.189.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-189-65.mxp64.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
via: 1.1 66a3254753daef98131e391b49752390.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
content-length: 0
apigw-requestid: DOn38gPjCYcEJWg=
x-amz-cf-id: 03wcBTRtvIB4HSQsoIt-T8KwuDPdZ09xR8epPk0v6mNMFbEBkmuCSA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 180 B
548 B 35ms
34ms XHR
application/json 18.66.202.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3371&u=https%3A%2F%2Fwww.weihnachtsgeschichten.net
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.202.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-202-223.mxp63.r.cloudfront.net
Software: Server /
Resource Hash: 8452bd0c54b786349447609934bd1810af8c5158d43786939a8cd46c24bc108e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 17:37:37 GMT
via: 1.1 d21c7dc6bfb9c2f00dc62b8a7281a898.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MXP63-P1
age: 7914
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.weihnachtsgeschichten.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 180
x-amz-cf-id: ZOaF8nzxG0LMXDHhoG2DjCQysQUNvpJELmcQtt5y2k6UXwS6TPrkhA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
472 B 322ms
113ms XHR
text/javascript 13.226.31.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3371&u=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&pid=vMr1gNmajeAzw&cb=0&ws=1600x1200&v=23.331.1910&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-638071695011645892-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22800x250%22%2C%22900x250%22%5D%2C%22sn%22%3A%2227763518%2C22643469963%2FWEBarbyte_GbR%2Fweihnachtsgeschichten.net%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-638071695011645892-2%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%2227763518%2C22643469963%2FWEBarbyte_GbR%2Fweihnachtsgeschichten.net%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-638071695011645892-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x300%22%5D%2C%22sn%22%3A%2227763518%2C22643469963%2FWEBarbyte_GbR%2Fweihnachtsgeschichten.net%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-638071695011645892-4%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x300%22%5D%2C%22sn%22%3A%2227763518%2C22643469963%2FWEBarbyte_GbR%2Fweihnachtsgeschichten.net%2Fmobile%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-638071695011645892-6%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x300%22%2C%22320x50%22%2C%22320x75%22%2C%22320x100%22%2C%22320x150%22%2C%22320x480%22%5D%2C%22sn%22%3A%2227763518%2C22643469963%2FWEBarbyte_GbR%2Fweihnachtsgeschichten.net%2Fmobile%2Fpos1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-638071695011645892-7%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x300%22%2C%22320x50%22%2C%22320x75%22%2C%22320x100%22%2C%22320x150%22%2C%22320x480%22%5D%2C%22sn%22%3A%2227763518%2C22643469963%2FWEBarbyte_GbR%2Fweihnachtsgeschichten.net%2Fmobile%2Fpos2%22%7D%5D&gdpre=1&gdprc=CPqDl4APqDl4AAfUtBENC_CgAP_AAH_AAAigJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.31.170 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-31-170.ewr53.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b0ff224008cc113345fc49da87d20e9a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: EWR53-C2
x-amz-rid: 1CW3TR0S6F2YW6D0NBEE
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.weihnachtsgeschichten.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: pa6Y3aAoPrkF_rS-P1-zYCkT0Mhy1b4LVFehnErzVMPLWyTlADYedQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 82ms
41ms XHR
application/javascript 18.66.202.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.202.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-202-223.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: F_FDbbUyUmFtmAPMghF.UJjGVPnjBMtx
content-encoding: gzip
via: 1.1 377f66adf3e979e5eae2bf83298bbabe.cloudfront.net (CloudFront)
date: Tue, 11 Apr 2023 17:37:39 GMT
x-amz-cf-pop: MXP63-P1
age: 7914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 03 Apr 2023 21:14:40 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: _r8rj1ZSjg1VsUXTRnQi6Zk0WvMIEfbudJbO1Kor8F_7UCTNgN4KyQ==

GET
H2 200 p.min.js Show response
cdn.xplosion.de/adp/profiling/0.3.1/ 6 KB
3 KB 118ms
25ms Script
application/javascript 2600:9000:2249:f600:e:29d5:db00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xplosion.de/adp/profiling/0.3.1/p.min.js
Requested by: Host: ups.xplosion.de
URL: https://ups.xplosion.de/loader/10775/default.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2249:f600:e:29d5:db00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ef0a56094a418694fbf1370c4b805a7df2a9787f9dab804d40a0ee24330bb40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: vnL7rOrPh7MFQ3dNiH3_yxdCIgCe6.HX
content-encoding: gzip
via: 1.1 d580de5c96a7c9961c3c26ff049e04de.cloudfront.net (CloudFront)
date: Tue, 11 Apr 2023 00:04:07 GMT
last-modified: Wed, 05 Jan 2022 15:58:03 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P4
age: 72886
etag: W/"8cf378f0f178a23108ac158a07066a82"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: W4VFAkkAA6J2Q338CsYTiRQT9cRXQMUJwolrmTj9AwaQekMV-eGUqA==

GET
H2

200

1 Show response
mc.yandex.com/watch/67959763/
Redirect Chain

https://mc.yandex.com/watch/67959763?wmode=7&page-url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umatouo0rfee7%3Afp%3A671%3Afu%3A0%3Aen%3Autf-8...
https://mc.yandex.com/watch/67959763/1?wmode=7&page-url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umatouo0rfee7%3Afp%3A671%3Afu%3A0%3Aen%3Autf...

435 B
518 B

52ms
52ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/67959763/1?wmode=7&page-url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umatouo0rfee7%3Afp%3A671%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1011%3Acn%3A1%3Adp%3A0%3Als%3A1641535518053%3Ahid%3A779480821%3Az%3A0%3Ai%3A20230411194931%3Aet%3A1681242572%3Ac%3A1%3Arn%3A1046744668%3Arqn%3A1%3Au%3A1681242572426461360%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A29%2C35%2C78%2C2%2C388%2C0%2C%2C250%2C2%2C%2C%2C%2C789%3Aco%3A0%3Acpf%3A1%3Ans%3A1681242570795%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1681242572%3At%3AWeihnachtsgeschichten&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5685c6d18f3b4ce927735266d3b2c03ba743e7d0c5e45ef030c4b3dbc01f65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 11-Apr-2023 19:49:32 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.weihnachtsgeschichten.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Tue, 11-Apr-2023 19:49:32 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 11-Apr-2023 19:49:32 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/67959763/1?wmode=7&page-url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umatouo0rfee7%3Afp%3A671%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1011%3Acn%3A1%3Adp%3A0%3Als%3A1641535518053%3Ahid%3A779480821%3Az%3A0%3Ai%3A20230411194931%3Aet%3A1681242572%3Ac%3A1%3Arn%3A1046744668%3Arqn%3A1%3Au%3A1681242572426461360%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A29%2C35%2C78%2C2%2C388%2C0%2C%2C250%2C2%2C%2C%2C%2C789%3Aco%3A0%3Acpf%3A1%3Ans%3A1681242570795%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1681242572%3At%3AWeihnachtsgeschichten&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://www.weihnachtsgeschichten.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 11-Apr-2023 19:49:32 GMT

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
456 B 109ms
106ms XHR
text/plain 34.224.205.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.205.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-205-52.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.weihnachtsgeschichten.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 11 Apr 2023 19:49:32 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 354ms
109ms Preflight 34.224.205.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.205.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-205-52.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.weihnachtsgeschichten.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Tue, 11 Apr 2023 19:49:32 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
967 B 23ms
22ms Fetch
application/json 108.138.189.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.189.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-189-67.mxp64.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:49:06 GMT
via: 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront), 1.1 0506189ffa7e4391aa3f3f82ddb1e396.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6, MXP64-P1
age: 32426
x-amzn-requestid: c319eeaf-0170-417a-b80f-3c31ba0574ef
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: DNYtZGptCYcFl1g=
content-length: 555
x-amz-cf-id: t7Bx4zSprhFpdYl9HJ-igB6FXeURgGzFQvjdPc7MSm3ui_FPJ2rv4A==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/ 396 KB
123 KB 24ms
19ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0ee1b83a672e602c818711d3165f40b3c24571f136a76235b5e01bb542afd62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:51:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3482
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125778
x-xss-protection: 0
server: cafe
etag: 17784413963224027771
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 10 Apr 2024 18:51:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 506 B
296 B 84ms
50ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.weihnachtsgeschichten.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c43100a4762ceeb85d6059db2560f8b0d6213c3b337a8dd3d6f86bf5b5e808d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 271
x-xss-protection: 0
expires: Tue, 11 Apr 2023 19:49:32 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9970.HmZCVul9b5dNohCNx7WRgZ2GESyJ_6Q71ffw3q61WgRHuN5Q8QLFfik5WO4mLXEV.4e31x4GlZLADoNH_tKbA53Q2ORU%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9970.BfQS6nKo4oHFU968Eifjz7DXrb0Q9WTXvX87tbrS1SNHmjbuD5MAH24P8mYwMTSUF3K7Qi00Dnt84NHnU1KNm5fCwNNE-PDrR59wQN4YmYY%2C.lZN27-q1sEHTvXI-bz...

43 B
101 B

54ms
53ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9970.BfQS6nKo4oHFU968Eifjz7DXrb0Q9WTXvX87tbrS1SNHmjbuD5MAH24P8mYwMTSUF3K7Qi00Dnt84NHnU1KNm5fCwNNE-PDrR59wQN4YmYY%2C.lZN27-q1sEHTvXI-bzcokcMg-XU%2C

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9970.BfQS6nKo4oHFU968Eifjz7DXrb0Q9WTXvX87tbrS1SNHmjbuD5MAH24P8mYwMTSUF3K7Qi00Dnt84NHnU1KNm5fCwNNE-PDrR59wQN4YmYY%2C.lZN27-q1sEHTvXI-bzcokcMg-XU%2C
date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 data Show response
ups.xplosion.de/ 1 KB
2 KB 37ms
37ms Script
text/javascript 34.243.91.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ups.xplosion.de/data?title=Weihnachtsgeschichten&hostSiteUrl=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&userAgent=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36&userLang=en-US&color=24&os=Win32&timezone=0&screen=1200x1600&event_id=page_view&gdpr=1&gdpr_consent=CPqDl4APqDl4AAfUtBENC_CgAP_AAH_AAAigJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIAA&gdpr_success=1&gdpr_path=v2&gdpr_is_ifr=false&gdpr_cmp_loc_1=false&gdpr_cmp_loc_2=true&gdpr_applies=1&gdpr_cmp_status=loaded&gdpr_event_status=tcloaded&_rfs=1&_sid=10775&_ver=0.3.1&_seg=jsonp&_=689559087240
Requested by: Host: cdn.xplosion.de
URL: https://cdn.xplosion.de/adp/profiling/0.3.1/p.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.91.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-91-200.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a5bd4dc6b6ce4b5fd25f90bba75bf8d154c328d2df04fcb6cba0282a89a55187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 11 Apr 2023 19:49:32 GMT
cache-control: must-revalidate,no-cache,no-store
p3p: CP="NOI DSP COR NID PSAo OUR SAMo BUS"
content-length: 1303
content-type: text/javascript

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 97ms
23ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.weihnachtsgeschichten.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 81ms
22ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.weihnachtsgeschichten.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 63 KB
14 KB 1255ms
1255ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=86594919401215&correlator=2035950511398790&eid=31072029&output=ldjh&gdfp_req=1&vrg=202304030101&ptt=17&impl=fif&gdpr_consent=CPqDl4APqDl4AAfUtBENC_CgAP_AAH_AAAigJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIAA&gdpr=1&addtl_consent=1~7.1317.229.229.1575.2213.326.584.1033&us_privacy=1YNN&iu_parts=27763518%3A22643469963%2CWEBarbyte_GbR%2Cweihnachtsgeschichten.net&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C800x250%7C900x250&ifi=1&adks=3072894836&sfv=1-0-40&prev_scp=sovrn-viewability%3DNA%26sovrn-engagement%3DNA%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=Resolution%3D1600x1200%26URL%3Dhttps%253A%252F%252Fwww.weihnachtsgeschichten.net%252F%26Host%3Dwww.weihnachtsgeschichten.net%26Path%3D%252F%26wgskin%3Dja&sc=1&cookie_enabled=1&abxe=1&dt=1681242572411&lmt=1681242572&dlt=1681242571329&idt=854&adxs=0&adys=55&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&frm=20&vis=1&psz=830x0&msz=830x0&fws=4&ohw=1600&ga_vid=695011759.1681242572&ga_sid=1681242572&ga_hid=136872847&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

441916a5d24a501c18147761572b98076484a80219acf3fa08d26f0a15bf459c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13989
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.weihnachtsgeschichten.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 385ms
384ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=86594919401215&correlator=2035950511398790&eid=31072029&output=ldjh&gdfp_req=1&vrg=202304030101&ptt=17&impl=fif&gdpr_consent=CPqDl4APqDl4AAfUtBENC_CgAP_AAH_AAAigJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIAA&gdpr=1&addtl_consent=1~7.1317.229.229.1575.2213.326.584.1033&us_privacy=1YNN&iu_parts=27763518%3A22643469963%2CWEBarbyte_GbR%2Cweihnachtsgeschichten.net&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C300x600&ifi=2&adks=1048596850&sfv=1-0-40&prev_scp=sovrn-viewability%3DNA%26sovrn-engagement%3DNA%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=Resolution%3D1600x1200%26URL%3Dhttps%253A%252F%252Fwww.weihnachtsgeschichten.net%252F%26Host%3Dwww.weihnachtsgeschichten.net%26Path%3D%252F%26wgskin%3Dja&sc=1&cookie_enabled=1&abxe=1&dt=1681242572419&lmt=1681242572&dlt=1681242571329&idt=854&adxs=497&adys=853&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&frm=20&vis=1&psz=333x40&msz=333x0&fws=4&ohw=1600&ga_vid=695011759.1681242572&ga_sid=1681242572&ga_hid=136872847&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ff3b8639d495868065a7d768463b690fe14a90c0b0b5a36df1ec4d23154cc52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11380
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.weihnachtsgeschichten.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 60 KB
13 KB 913ms
912ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=86594919401215&correlator=2035950511398790&eid=31072029&output=ldjh&gdfp_req=1&vrg=202304030101&ptt=17&impl=fif&gdpr_consent=CPqDl4APqDl4AAfUtBENC_CgAP_AAH_AAAigJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIAA&gdpr=1&addtl_consent=1~7.1317.229.229.1575.2213.326.584.1033&us_privacy=1YNN&iu_parts=27763518%3A22643469963%2CWEBarbyte_GbR%2Cweihnachtsgeschichten.net&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=3&adks=1591707242&sfv=1-0-40&prev_scp=sovrn-viewability%3DNA%26sovrn-engagement%3DNA%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=Resolution%3D1600x1200%26URL%3Dhttps%253A%252F%252Fwww.weihnachtsgeschichten.net%252F%26Host%3Dwww.weihnachtsgeschichten.net%26Path%3D%252F%26wgskin%3Dja&sc=1&cookie_enabled=1&abxe=1&dt=1681242572422&lmt=1681242572&dlt=1681242571329&idt=854&adxs=497&adys=65&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&frm=20&vis=1&psz=333x40&msz=333x0&fws=4&ohw=1600&ga_vid=695011759.1681242572&ga_sid=1681242572&ga_hid=136872847&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78fb143007b190d26f1979699eabd9251a9d892a526874860e6d707f6ef955b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13225
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.weihnachtsgeschichten.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 1631ms
1630ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=86594919401215&correlator=2035950511398790&eid=31072029&output=ldjh&gdfp_req=1&vrg=202304030101&ptt=17&impl=fif&gdpr_consent=CPqDl4APqDl4AAfUtBENC_CgAP_AAH_AAAigJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIAA&gdpr=1&addtl_consent=1~7.1317.229.229.1575.2213.326.584.1033&us_privacy=1YNN&iu_parts=27763518%3A22643469963%2CWEBarbyte_GbR%2Cweihnachtsgeschichten.net&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=4&adks=3271140252&sfv=1-0-40&prev_scp=sovrn-viewability%3DNA%26sovrn-engagement%3DNA%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=Resolution%3D1600x1200%26URL%3Dhttps%253A%252F%252Fwww.weihnachtsgeschichten.net%252F%26Host%3Dwww.weihnachtsgeschichten.net%26Path%3D%252F%26wgskin%3Dja&sc=1&cookie_enabled=1&abxe=1&dt=1681242572425&lmt=1681242572&dlt=1681242571329&idt=854&adxs=497&adys=873&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&frm=20&vis=1&psz=333x40&msz=333x0&fws=4&ohw=1600&ga_vid=695011759.1681242572&ga_sid=1681242572&ga_hid=136872847&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a272d12090faabe2251c1617b917bbc1d68088596c5a8be4d81fa1fc39dd911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11340
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.weihnachtsgeschichten.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 993 B
507 B 1321ms
1320ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=86594919401215&correlator=2035950511398790&eid=31072029&output=ldjh&gdfp_req=1&vrg=202304030101&ptt=17&impl=fif&gdpr_consent=CPqDl4APqDl4AAfUtBENC_CgAP_AAH_AAAigJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIAA&gdpr=1&addtl_consent=1~7.1317.229.229.1575.2213.326.584.1033&us_privacy=1YNN&iu_parts=27763518%3A22643469963%2CWEBarbyte_GbR%2Cweihnachtsgeschichten.net&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&adks=3607075237&sfv=1-0-40&ists=1&prev_scp=sovrn-viewability%3DNA%26sovrn-engagement%3DNA&eri=1&cust_params=Resolution%3D1600x1200%26URL%3Dhttps%253A%252F%252Fwww.weihnachtsgeschichten.net%252F%26Host%3Dwww.weihnachtsgeschichten.net%26Path%3D%252F%26wgskin%3Dja&sc=1&cookie_enabled=1&abxe=1&dt=1681242572427&lmt=1681242572&dlt=1681242571329&idt=854&adxs=0&adys=9706&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.weihnachtsgeschichten.net%2F&frm=20&vis=1&psz=830x41&msz=830x0&fws=4&ohw=1600&ga_vid=695011759.1681242572&ga_sid=1681242572&ga_hid=136872847&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38894a9230bb56db5bfd52eda71aa97e9b94486062e533606285855b457b9b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 476
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.weihnachtsgeschichten.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6F20 6 KB
3 KB 88ms
22ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weihnachtsgeschichten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 19:49:32 GMT
expires: Wed, 10 Apr 2024 19:49:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 20 B
329 B 391ms
131ms XHR
application/json 2620:100:a005::17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=98840942408

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

1a99c7dc79dd2b64ac281c5c9f9e470aa37b28bbb958ef7bc8eff508cded8e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.weihnachtsgeschichten.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.weihnachtsgeschichten.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 64ms
63ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

834ca4b06d778e3a64a8836c99fdb7749502f7449dec585212f8019da28582f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11270
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CB79 15 KB
6 KB 55ms
18ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.weihnachtsgeschichten.net&gdpr=1&gdpr_consent=CPqDl4APqDl4AAfUtBENC_CgAP_AAH_AAAigJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIAA

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.weihnachtsgeschichten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 19:49:32 GMT
server: Kestrel
server-processing-duration-in-ticks: 542263
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 82ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 19:49:32 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame CB79
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=weihnachtsgeschichten.net&sn=ChromeSyncframe&so=0&topUrl=www.weihnachtsgeschichten.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=JNkpdXxWbkRPKy9zaWFEYm1PbkVuV3ZPUUxjTXlyV2N5THBUSUtIVU1kODhlMm5OaXNFVU1QSmNzSlpPcEFEV2hPMm0xMk84c3ZNZ1RWVjZPVjlFYlpFekduWmw2ZmczbE1BYW1TVnFPWFRrbTdubGRrWjZ5NHZpbGpZd0...

457 B
670 B

86ms
16ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=JNkpdXxWbkRPKy9zaWFEYm1PbkVuV3ZPUUxjTXlyV2N5THBUSUtIVU1kODhlMm5OaXNFVU1QSmNzSlpPcEFEV2hPMm0xMk84c3ZNZ1RWVjZPVjlFYlpFekduWmw2ZmczbE1BYW1TVnFPWFRrbTdubGRrWjZ5NHZpbGpZd0RwTXhIVDd0eTNveVVGMStITlhyK2Q2NnRKTWEvYUw1RmV5OUl6MTBUY0lLSXJhb0sxOVdkN01wQ1lJU2lxUmwvaW1UeUZMSUZMYzNpTGdoVXJpeVY4U1JVMEV5Tm5PblRVL2IyTnVERm9KVW1nL1daZVNNWFROTE04a2dqL1JJVDl0WXA2N2hlRlNBdkcxcENYaXV0RFBSZjB0b201d2w3dmxKR1MvdCtMd1pXOVJPVnBuYz18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf3ec9895ff48b1e3211a783adac4f32716e64d669e319ea55e7cfe19cda73f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1794441
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=JNkpdXxWbkRPKy9zaWFEYm1PbkVuV3ZPUUxjTXlyV2N5THBUSUtIVU1kODhlMm5OaXNFVU1QSmNzSlpPcEFEV2hPMm0xMk84c3ZNZ1RWVjZPVjlFYlpFekduWmw2ZmczbE1BYW1TVnFPWFRrbTdubGRrWjZ5NHZpbGpZd0RwTXhIVDd0eTNveVVGMStITlhyK2Q2NnRKTWEvYUw1RmV5OUl6MTBUY0lLSXJhb0sxOVdkN01wQ1lJU2lxUmwvaW1UeUZMSUZMYzNpTGdoVXJpeVY4U1JVMEV5Tm5PblRVL2IyTnVERm9KVW1nL1daZVNNWFROTE04a2dqL1JJVDl0WXA2N2hlRlNBdkcxcENYaXV0RFBSZjB0b201d2w3dmxKR1MvdCtMd1pXOVJPVnBuYz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 424204
content-length: 0
expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6D6C 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weihnachtsgeschichten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 30139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 11:27:13 GMT
expires: Wed, 10 Apr 2024 11:27:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2A01 783 B
1 KB 70ms
34ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7b9027d30580fbd9485018b4d4d9b2a6bd19854aedba61de71f20602c7d96c60

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9bWdBCR8GY-WjDswRo4DnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weihnachtsgeschichten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-9bWdBCR8GY-WjDswRo4DnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 19:49:32 GMT
expires: Tue, 11 Apr 2023 19:49:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D6C 36 KB
14 KB 86ms
29ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 08:53:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 08:53:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2A01 0
0 60ms
58ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304030101&jk=86594919401215&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 83ms
20ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5985
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aHpuItvahnJCxTKDKhC6SnLtCXHdqjL1ic4qHieGZh66XEAK0bnnSgYsdTZhhdr0kzSYFgIQl%2F%2F7HP1mdIQQ8AUHY%2BXpS6eDLkspXAHpmZs9VjJhmrCkOxXtaP4vqIYgLY503Ts6C3liugRJgs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7b65c0e0cc89b743-AMS

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 93ms
28ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: NPJKRCKCE05AE40D
age: 1515
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7b65c0e0c9d10e88-AMS
x-amz-id-2: SVTd7px0oa9s2g16ZMEbtjbSm+9mjgny5JAItCXVA/BBc0mwNgZ0tsF0wNTOKJEbYhxhorsH3w8=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 159ms
158ms Script
text/javascript 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 12 Apr 2023 19:49:32 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 110ms
26ms Script
text/javascript 2600:9000:2361:2200:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2361:2200:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 03:30:10 GMT
Via: 1.1 fa61e4661f112bc4711a7b0200263e1a.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: LHR50-P2
Age: 58763
x-amz-server-side-encryption: AES256
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: TeiEHkFu80Ocmt6VgSHVDhNM6A7wKnJDuMXwwgLt05dNTPV1U7lDkw==

GET
H2 200 container.html Show response
4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B03F 6 KB
3 KB 20ms
18ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weihnachtsgeschichten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 19:49:32 GMT
expires: Wed, 10 Apr 2024 19:49:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame B03F 8 KB
3 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/error_handler.js

Requested by

Host: 4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com
URL: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78cad1fb95d1e9bbe4a7b1f90fa38ef699314ee65bf914e65ffae62005103a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:43:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21957
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3465
x-xss-protection: 0
server: cafe
etag: 6788195977828770272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:43:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame B03F 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com
URL: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 19:31:34 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame B03F 20 KB
8 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com
URL: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:40:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:40:53 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B03F 0
0 22ms
22ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOMb2WQXRLmtCopKHmaPQTDnEWSB49zQ7F2vGuhcD4vlVgW2OygrkaU9MUwnauPrbUsloiDVsUDzt_kB8UFkdrJ8asNg
Requested by: Host: 4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com
URL: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B03F 24 KB
6 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com
URL: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 12:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 Apr 2024 12:48:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B03F 159 KB
49 KB 76ms
29ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com
URL: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 19:49:32 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
230 B 129ms
128ms Ping
text/plain 2620:100:a005::17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.weihnachtsgeschichten.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.weihnachtsgeschichten.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B03F 0
0 61ms
60ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CP0YJzLk1ZJmqHpTmxgPvyLeQDsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMjQ0MjM5MTM3MTEwNDA2N8gBCakCYFwDHvNKsj7gAgCoAwGqBJwCT9DbDFqAwU2JqelFYM5ZBi05otMiVdH3E6PkVTSXTP4rDXp8s3-FY6eBoYtmHGhXFPwK07FNZkW_T24G1xG8HzNJrkn6XHB9B_3OYTJj-0phnWf9Uo-epClPadKgO6ThL-VCF98E7LOZ1qzWUUuUYUl_a_QzLMlChpm2hF4BPfw0RTNed7N7nXLC01BsY8_C6NnJBlOPBhl4fXnYpzBf9C6LVEAoFCg2AJPiqoXzIjJiVZ630AEFJ9eBDTvH4kS0GNehLfdmst7MDWKTW9GtTVvtnC431_SNIWzil8NoMTeNuQLAwfGa5BUaV3RO14bDg1nWXxfhRpJD5aEoOL5GNELEa2TCi6H6lG33vED7m7vgcKmTqntTiLPFSEvgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggQCIDhgBAQATICqgI6A4DAA4AKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yNDQyMzkxMzcxMTA0MDY3GLa4Ew&sigh=I5wiDAOoMZ0&uach_m=[UACH]&cid=CAQSPABygQiDlYiLEPnuyA-3t1EwflhPPBHe99xYhOCKeRUL5Riy2THYcF9sb0zvKJv5MypSHq4X3iMaG085ZxgB
Requested by: Host: 4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com
URL: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame B03F 0
0 71ms
18ms Fetch 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k6W_EPGHB6wC2ASdg2ICAgAAAKd9-7_9SRTy_cKMqR8Omu8Qy7k1ZCFPfWRT5Df42A4AABIAAAoKQVFVQkR3RVBEdw&wp=ZDW5zAAHlRkKcbMUAA3kb2J1XEv3B99a_fD4aA

Requested by

Host: 4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com
URL: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 176922
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame DE94 160 KB
51 KB 139ms
84ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZDW5zAAHlRkKcbMUAA3kb2J1XEv3B99a_fD4aA&u=%7CcgowlI8UyoxSCKIVH53qXjrfr0ctMtndtkTQA6mlSvo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MlBuvHpjHFyA8e3dAvOpUVbXMdIXFdKfuRV6bRsnXUd-gUgdxOPxmchbZXE1KGmfTJZ5qbo2O41A2JYYLL6SJYndhVw4D98kCvMA1LQPQ26LuVhd2mjF3VcfUgN7F3LZvAFjw7rhnuJfLlLBIua74Tgqn51_RyjrXqX8F76j6FcKOfxSmCKFE-nd5wHnKQKSFRubshML9tgSWxtXor25qPP78GH6GKUFU4Of9uhXhprGRh9dch0Zy98Ow4wxRQt67X3VW_PpSA9vRG-xE3pkKpIMsefhITzxZWuBcDWY8EM1uFi8R0gE4e-_yGsLWoJQWva8QQ1D9YiYXJbQYrEhtitKgClJ22TabtF1TQq1E4Y0V_uaRsLsCCAKV8Y4Ai7DoMfIKlMG2QDaOYga1sNlwvDL8qym0QWpx2FFe4rz18i_GmmqYWpPeUswHHKo4jl5rlcyWnOkNGrgHC3M2g4tys2mepY6ob_6eHL7CJoBICgt7fon7aGFbvbKUXCmf8glilvnBIBzXSTSnUuxp26p6k2t6SNCCMZPnytJ4-LcU_Q_c_b8crK4_TPDKOMBtQeXofuxP-0Ci3Afce0LHaupV8J5i2DxIL-xiZowwh5ODMcuqc5V2FQ13ZTL8hDbebh0HQxsIMdE6YEU7HKV_qLpOECnrk8qnFrTQYtxJ-xKdo0khrDOfAaBhYUrJ5AoMFK671bG2BcLYTN0GZLg55Xy7-LdCjJEzOo0qA_2XmTiv6juiyTBM-JLvzjpg0NnQVyP3O6KGBbzglisgwRdHhAep0f4Yr8HG6cofSEKaSa_4yBpTCJFgVu3ANxfARRHq-o7Kk5ERFwAQX3LU3W3XdWpD2ojL1i9_3V2FScsAjg1mPISoYGjsVJiac8-MwsMudz3oSTi1gXm3mVwpucjoeggbrJnkpu9XvVfDi-74EVgiDN7lBLN7w8xjIsTH2fybQFNOUTg8hfwyW7eFSPXCuR_lqpcyalqhC9IwY_9ITAgYZvDyD5GZua4guHOn_Ko_Grod9bYANzILK01Za0ljNAp7hBg0jDro_ek4_0U5isSpgy209egxOoV6FiFh7OFhc573FZIOl6myG1gj2bNWZh1sbf5vJfxmuV4r2CdBZXrIgRKWlnUmV7s7J1eyfxapEPeqThWp160mTFhfsWGsl_tH7jZLdNjDtccjEigNzH_TyMjiheblPih8iwUk742gZ0ylPO0WHaHvde_N_fDptHkR2-BHNn-jlmTOw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAfBpzLk1ZJmqHpTmxgPvyLeQDsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMjQ0MjM5MTM3MTEwNDA2N8gBCakCYFwDHvNKsj7gAgCoAwGqBJ8CT9DbDFqAwU2JqelFYM5ZBi05otMiVdH3E6PkVTSXTP4rDXp8s3-FY6eBoYtmHGhXFPwK07FNZkW_T24G1xG8HzNJrkn6XHB9B_3OYTJj-0phnWf9Uo-epClPadKgO6ThL-VCF98E7LOZ1qzWUUuUYUl_a_QzLMlChpm2hF4BPfw0RTNed7N7nXLC01BsY8_C6NnJBlOPBhl4fXnYpzBf9C6LVEAoFCg2AJPiqoXzIjJiVZ630AEFJ9eBDTvH4kS0GNehLfdmst7MDWKTW9GtTVvtnC431_SNIWzil8NoMTeNuQLAwfGa5BUaV3RO14bDg1nWXxfhBJBidyanpK35qFZnu1lkc6juntv9klh5L3Pd1lsstFdLDRlBW_RAM2jgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggQCIDhgBAQATICqgI6A4DAA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2zM7ZV7niFcpJIaP-QSKFTIv4fxA%26client%3Dca-pub-2442391371104067%26adurl%3D

Requested by

Host: 4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com
URL: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bc3c32f656224f3d978f98454eccee6efd0426c6395d78c6c3b04d381ccc6284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 19:49:32 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=JUxCEVI4A59-HRhVbhg0zisHIlvaP4EOiUudzcL-0bxo6BE9gr6r0MW1EKkeQY_2vIf6e1wLEpZxC0nqSKd2T339ym4m7iyrs10ioNGx2YZx5rhuHldjGrc06vshC2uVgZ9ge-4bvwjfa6z3Dv1cYVFeOtS68pvyesN3-01k6KS48J4r99eiMLoA4BgSK4wuALaJxVkgO6uLfak1NLcE2wC5Cn4qiebbVkdEHXYouY4JozJDVCU9y_9pogBYeeFshGu6HA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 65759842
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6D6C 0
10 B 13ms
12ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?doannQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame B03F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1a3fceb926bc83c90ed9a582c94bee2ed6a2a804fd6b571a1c8c3e21631986e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
338 B 68ms
20ms XHR
text/plain 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.weihnachtsgeschichten.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.weihnachtsgeschichten.net
date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame DE94 2 KB
1 KB 133ms
132ms Image
image/svg+xml 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZDW5zAAHlRkKcbMUAA3kb2J1XEv3B99a_fD4aA&u=%7CcgowlI8UyoxSCKIVH53qXjrfr0ctMtndtkTQA6mlSvo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MlBuvHpjHFyA8e3dAvOpUVbXMdIXFdKfuRV6bRsnXUd-gUgdxOPxmchbZXE1KGmfTJZ5qbo2O41A2JYYLL6SJYndhVw4D98kCvMA1LQPQ26LuVhd2mjF3VcfUgN7F3LZvAFjw7rhnuJfLlLBIua74Tgqn51_RyjrXqX8F76j6FcKOfxSmCKFE-nd5wHnKQKSFRubshML9tgSWxtXor25qPP78GH6GKUFU4Of9uhXhprGRh9dch0Zy98Ow4wxRQt67X3VW_PpSA9vRG-xE3pkKpIMsefhITzxZWuBcDWY8EM1uFi8R0gE4e-_yGsLWoJQWva8QQ1D9YiYXJbQYrEhtitKgClJ22TabtF1TQq1E4Y0V_uaRsLsCCAKV8Y4Ai7DoMfIKlMG2QDaOYga1sNlwvDL8qym0QWpx2FFe4rz18i_GmmqYWpPeUswHHKo4jl5rlcyWnOkNGrgHC3M2g4tys2mepY6ob_6eHL7CJoBICgt7fon7aGFbvbKUXCmf8glilvnBIBzXSTSnUuxp26p6k2t6SNCCMZPnytJ4-LcU_Q_c_b8crK4_TPDKOMBtQeXofuxP-0Ci3Afce0LHaupV8J5i2DxIL-xiZowwh5ODMcuqc5V2FQ13ZTL8hDbebh0HQxsIMdE6YEU7HKV_qLpOECnrk8qnFrTQYtxJ-xKdo0khrDOfAaBhYUrJ5AoMFK671bG2BcLYTN0GZLg55Xy7-LdCjJEzOo0qA_2XmTiv6juiyTBM-JLvzjpg0NnQVyP3O6KGBbzglisgwRdHhAep0f4Yr8HG6cofSEKaSa_4yBpTCJFgVu3ANxfARRHq-o7Kk5ERFwAQX3LU3W3XdWpD2ojL1i9_3V2FScsAjg1mPISoYGjsVJiac8-MwsMudz3oSTi1gXm3mVwpucjoeggbrJnkpu9XvVfDi-74EVgiDN7lBLN7w8xjIsTH2fybQFNOUTg8hfwyW7eFSPXCuR_lqpcyalqhC9IwY_9ITAgYZvDyD5GZua4guHOn_Ko_Grod9bYANzILK01Za0ljNAp7hBg0jDro_ek4_0U5isSpgy209egxOoV6FiFh7OFhc573FZIOl6myG1gj2bNWZh1sbf5vJfxmuV4r2CdBZXrIgRKWlnUmV7s7J1eyfxapEPeqThWp160mTFhfsWGsl_tH7jZLdNjDtccjEigNzH_TyMjiheblPih8iwUk742gZ0ylPO0WHaHvde_N_fDptHkR2-BHNn-jlmTOw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAfBpzLk1ZJmqHpTmxgPvyLeQDsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMjQ0MjM5MTM3MTEwNDA2N8gBCakCYFwDHvNKsj7gAgCoAwGqBJ8CT9DbDFqAwU2JqelFYM5ZBi05otMiVdH3E6PkVTSXTP4rDXp8s3-FY6eBoYtmHGhXFPwK07FNZkW_T24G1xG8HzNJrkn6XHB9B_3OYTJj-0phnWf9Uo-epClPadKgO6ThL-VCF98E7LOZ1qzWUUuUYUl_a_QzLMlChpm2hF4BPfw0RTNed7N7nXLC01BsY8_C6NnJBlOPBhl4fXnYpzBf9C6LVEAoFCg2AJPiqoXzIjJiVZ630AEFJ9eBDTvH4kS0GNehLfdmst7MDWKTW9GtTVvtnC431_SNIWzil8NoMTeNuQLAwfGa5BUaV3RO14bDg1nWXxfhBJBidyanpK35qFZnu1lkc6juntv9klh5L3Pd1lsstFdLDRlBW_RAM2jgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggQCIDhgBAQATICqgI6A4DAA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2zM7ZV7niFcpJIaP-QSKFTIv4fxA%26client%3Dca-pub-2442391371104067%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 19:49:33 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame DE94 2 KB
1 KB 128ms
127ms Image
image/svg+xml 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 19:49:33 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame DE94 308 B
636 B 129ms
128ms Image
image/svg+xml 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 05 Apr 2024 19:49:33 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame DE94 293 B
621 B 134ms
134ms Image
image/svg+xml 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 05 Apr 2024 19:49:33 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame DE94 43 B
348 B 136ms
20ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=yTBid8b0aQ7RhW7NBdfL22k_mhrhECp5NsNHiVzF5MFz-95d69EFwF4DtudSirJ7xfvNNGV7RDVwcYW9NBLc2UlIXIVjL1PU4w1O9MU92Ma3nsaXyPOOTBMPYIXe-eLnVGgXBABnGLpmWXKI60PNUPOXKufpWx8mwdML0xZ8SKFpM2T97ic3CMe-ImQhMVwZr84N0ceSmbBjrsRhSM9kDfDYBhIiuN2MqIV4AHDCVLI4OfRBcMZQyP4rZyV941YInEb7ljOV9MbU2sAEs0FPEt8tt2vWZkwFKlKhgxINFAZ4KygTTHDTA6p3jP8ICqsLeXXkMqYqAWehNPp8VQ3VdkLD7ZBTeNqB392YvDYCu27JnfbIiwVi0mvprwFsKkgclDGTFIhVZqaXp4TBA1PBmcJkgwcCwwtpex4IdLR9CCjISIEm

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2964103
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame DE94 12 KB
5 KB 58ms
22ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 516292
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZH8NQ5eYX%2Bq18r66i%2Bco5ZmLBZcdfkR4LpW2flQXZi1laoHXbgG%2FqtyVpqjgRzoUZjY8MxjFt4uBrtYmTc7sv4dwW9ddvK1LUiD9zReHuMrdIA2%2Fg9LdhV%2FUXXd7MvlYYdd2uu8%2FNKIqBTKqrUz%2FV6pa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b65c0e1fdd5b945-AMS
expires: Sun, 31 Mar 2024 19:49:33 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame DE94 46 KB
46 KB 516ms
260ms Font
application/octet-stream 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 19:49:33 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame DE94 38 KB
38 KB 677ms
421ms Font
application/octet-stream 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 19:49:33 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame DE94 12 KB
6 KB 143ms
143ms Script
text/javascript 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 19:49:33 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DE94 5 KB
5 KB 44ms
14ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=104&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F230313%2F083d2df2aad24ff99da4ddde5249fccb_bonprix_logo_rgb_pos.png&v=3&w=596&s=xkojruDppdCv_86Xm50LQznb

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f507f21aed06667c8a48e3556c929f0d3001bb708ff60bc4ca6c026369e5a65d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 4933
expires: Sat, 30 Mar 2024 08:47:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DE94 60 KB
60 KB 65ms
36ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F230322%2F82c24e6e8cb24b10bed5c49ff1a90aac_img_square_1.jpg&v=3&w=1200&s=Tmtsf5bSrGfdUv-EErwtkeg4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bd24b4b8c732bd80d88debc30a03de2edbde4605a3732e2cc0cdc376a1226ad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 61102
expires: Sat, 30 Mar 2024 09:01:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DE94 18 KB
19 KB 57ms
28ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21312375-7awBP5eY.jpg&v=3&w=400&s=_jyyL-WiQRlPVks84nH30Pgu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c8fe9974d280ce418c27964e3bed959eb66245539f9a3750d89b5d3ede82deb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 18906
expires: Thu, 13 Apr 2023 16:24:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DE94 13 KB
13 KB 78ms
49ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1475740230%2F16209727-6wnyNe0i.jpg&v=3&w=400&s=iXwa8LSIVCjBKattIYfK37lu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d598e12633ef08d87ff323a25960b1e9615d89cd8303e795cc5639099356fcc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 12954
expires: Thu, 13 Apr 2023 17:07:48 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DE94 37 KB
38 KB 87ms
58ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22243969-8wC1DnoI.jpg&v=3&w=400&s=lr6Kw8XWmuAxr5zeRWEGZKGU&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5afd32df487fe176ff7f72133df6c123d0c5c9d8d40c07633f8f294c24d4c2b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 38374
expires: Wed, 12 Apr 2023 13:25:44 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DE94 43 KB
44 KB 81ms
52ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1610962299%2F21009275-aLEEk034.jpg&v=3&w=400&s=pTXfj3STA8E4oZ5MxhkfGLck&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

558af190ee1198816209d5380742cc77f5d95268c8370eef630406372608da55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 44460
expires: Sat, 15 Apr 2023 17:51:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DE94 8 KB
8 KB 51ms
50ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1526645088%2F18140319-mMSqAZPu.jpg&v=3&w=400&s=a-nVAQvOFZ6Diuu5iGZnkLnL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d34ddaf3483baa928b87cb4aacffe018dd3629135d76069b1a88c78ae03d98ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 7768
expires: Thu, 13 Apr 2023 10:33:11 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DE94 9 KB
9 KB 49ms
49ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1541573180%2F18316508-Fn21UoMR.jpg&v=3&w=400&s=PgMu1WiaOuh2y0iR0WGsjU0h&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42de4c706cb11215305adaef950fcc4d1f99bc15b7a40db694279ed9ca2928c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 8736
expires: Thu, 13 Apr 2023 16:17:57 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame DE94 0
128 B 44ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=JUxCEVI4A59-HRhVbhg0zisHIlvaP4EOiUudzcL-0bxo6BE9gr6r0MW1EKkeQY_2vIf6e1wLEpZxC0nqSKd2T339ym4m7iyrs10ioNGx2YZx5rhuHldjGrc06vshC2uVgZ9ge-4bvwjfa6z3Dv1cYVFeOtS68pvyesN3-01k6KS48J4r99eiMLoA4BgSK4wuALaJxVkgO6uLfak1NLcE2wC5Cn4qiebbVkdEHXYouY4JozJDVCU9y_9pogBYeeFshGu6HA&sds=2&rev=85712&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 11 Apr 2023 19:49:32 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DE94 2 KB
1 KB 138ms
138ms Image
image/svg+xml 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 19:49:33 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame DE94 2 KB
1 KB 135ms
135ms Image
image/svg+xml 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 19:49:33 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304040531000/ Frame C5DF 222 KB
61 KB 93ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a06a61cc91207a0766de728cc62f1bc1c987a5baa2155a542248a6ba0d97f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Apr 2023 17:10:06 GMT
age: 95967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61837
x-xss-protection: 0
server: sffe
etag: "4c71ce2fa24fb84d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 09 Apr 2024 17:10:06 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame C5DF 15 KB
5 KB 118ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b0b16db8325b2c6db9a0f68eabea4c6ffab4022ee31fb5ea6ea64a2b19b0ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Apr 2023 17:10:06 GMT
age: 95967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5234
x-xss-protection: 0
server: sffe
etag: "5c3964a98ed5c9e1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 09 Apr 2024 17:10:06 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame C5DF 94 KB
28 KB 119ms
41ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb9eba0f98fc3a5c9cfa55a0c43ea1d24c5f2e388f06612f404e09fe83fcbc6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Apr 2023 17:10:06 GMT
age: 95967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28939
x-xss-protection: 0
server: sffe
etag: "55c7a8d78e6c0bd3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 09 Apr 2024 17:10:06 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame C5DF 5 KB
2 KB 123ms
46ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2262d50696110a18e87fa0ac8edb8b9860bccb89680a5c04bad6a5246892090b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Apr 2023 17:10:06 GMT
age: 95967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "d57b42639333a446"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 09 Apr 2024 17:10:06 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame C5DF 40 KB
13 KB 124ms
48ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba1c1cba103b212eaa4c5aea8268a6e94d3e0d39a16d5d094b604790db6d4fd5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Apr 2023 17:10:06 GMT
age: 95967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12940
x-xss-protection: 0
server: sffe
etag: "aa817619b4e21783"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 09 Apr 2024 17:10:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C5DF 8 KB
1 KB 69ms
24ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 19:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 17:54:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 19:49:33 GMT

GET
H3 200 de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C5DF 3 KB
3 KB 20ms
16ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/de.png

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
server: cafe
age: 6261
etag: 6601037253665971276
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2958
x-xss-protection: 0
expires: Wed, 12 Apr 2023 18:05:12 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C5DF 295 B
319 B 19ms
16ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:10:18 GMT
x-content-type-options: nosniff
server: cafe
age: 31155
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 12 Apr 2023 11:10:18 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C5DF 0
0 64ms
61ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CGFHSzLk1ZKCTMMzN1fAP9dGamAbZtYDCar-7y_uMB7XJ_d8FEAEggv6mF2CVgoCAuAegAZW2r54DyAEB4AIAqAMByAMKqgSDAk_QBMOyxnogukUiH3ajKIpnwOsr3ztaHpVkdSL3gUC7__zA6370Nxjk65tIUsG9Kam53nOKdewx3j3G380n6q3dBK1rKnlsRNQQ9a1UJBwSz9NreQhm0sQuy9s7nHqHmPX4St5OWlujVn7lsPwD97-lT04YWnj4MUG9P7jYUPYbKXyPpUqjS9uSm0hgG9Ux7fD9aBMMLrMkNwZNo9xiVrZ_NrjzGf3i4EiFP_C659oWSyYuJHfGBOMRVSlBeLyB5sOMMTjsW2vunei4kcIkFQDrxblIcYv0WAKcDVfnjT7G3Q-9G0-XS3Cda2EMbn4FJiOUTo8GxANfvu4M0dEn2V-bk0rABInzovvQAeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAZRgAfTydBhqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ-PYD0ggSCIDhgBAQARgdMgKqAjoDgMADgAoDyAsB2BMMiBQC0BUBmBYBgBcBshceChwIABIUcHViLTk0MzEyOTgwMzU1NzkyMDAYtrgT&sigh=S-pEfdh9-Xc&uach_m=[UACH]&cid=CAQSOwBygQiDQU_1-HibqrBWCVYD6QfsiEHy5gjmXN8WhkPquo04_wiQWFTqHjoygQ4sMIBa3l0gOgjUeBlYGAE
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame C5DF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b93e36b2cc1877a0bb4c842ef833fed8ae69ab78fa0920b91933f641fb5e55d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame C5DF 29 KB
30 KB 53ms
14ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.weihnachtsgeschichten.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:54:53 GMT
x-content-type-options: nosniff
age: 78880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Apr 2024 21:54:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
53ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304030101&jk=86594919401215&bg=!jY6ljtrNAAYIJb0jKCU7ADkAdvg8WrI_MxGU6PM5gfDvfFdDIP9Zci8FQktl-f0rQKa9oDMIE6Te85ohVl5rxkUPah_Xa6Be0ZMCAAAAflIAAAADaAEHmQKmHqT1Cox4riKgpGfavesc-V9mp9oH2K3CzodQAwHK4mwfqnFd-C-4wcDY94dYBYVfUdMESILrb3bcWxXKhAprAZimRm1IuDs0x9sKPWXZF_RnObbgYTReMQFUXa-ci7r2Vag214zLL7GQIpDSA_BVZkRIY-XHkSapSDl3IuvJpPZV69WJbH4mpq8ymwgyplZBEkkKN4Exn2eWNdjauu7RhRPRYyvkQVTUx__P3pmU9rsXFSxRsCU58mcgdZbX6YefftvKide4CWvPPDFldDE0d69O_nOdZ2QX7qqwYSJUjzQ94oYlVSmJLidw4u2Ep1RglOZQSkzb-PFovxitcaOhc1AkgO5cVM_DAazKfgvCcPX43IZiA-0zJa6tDSYXbINOyGAIDKC4bhpQpc8rFU31YA0q9dimEzqQVBODTJeHS4cbAA0vpMaREw8MsEVJeyV950aXiy-HiwEajOnpIXI0d54go2nbTY4YBmpzR06jf3dnEP_K_4nFztJ4z5xcrpmpUHlNtQIMneG-sJB1KsHtgHJKyov8yr8REU0-Jg8A3rVT8uUTnDha_mWRmGkwLZbn0-t1O5aETN8ZUPj79OaTjT0Ztlx3ZJB1iTuZdxe7t79r76okJI1ammCWLj7w0p_qghNXi6SQANJMy18onleJ14lD88bCArkVvuuJfZWm8jLphz-2l-HLNHfKdibVVce-fGm3Wu1AEGzsIYC3Sx_sYEVFectt6HG_Ae5oaHSlG8mucgfkqi8tTWVQuT3M_4oBLJkKq8sjHyyGoIvqrtlf5_Bm8upctZmFudhDhm8nZ-EzB7JCEGcz9GE9NpVGSd9P4mKsHx3FEt8nR-oiAq2hLwmavQ1olXH0DCe5RLrDd77fyyb8RY8xIWXlkHFFC1s301btumqp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C5DF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

68ms
25ms

Image
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Redirect headers

date: Tue, 11 Apr 2023 19:49:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304040531000/ Frame 078A 222 KB
60 KB 17ms
11ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a06a61cc91207a0766de728cc62f1bc1c987a5baa2155a542248a6ba0d97f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Apr 2023 17:10:06 GMT
age: 95967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61837
x-xss-protection: 0
server: sffe
etag: "4c71ce2fa24fb84d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 09 Apr 2024 17:10:06 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 078A 15 KB
5 KB 22ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b0b16db8325b2c6db9a0f68eabea4c6ffab4022ee31fb5ea6ea64a2b19b0ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Apr 2023 17:10:06 GMT
age: 95967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5234
x-xss-protection: 0
server: sffe
etag: "5c3964a98ed5c9e1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 09 Apr 2024 17:10:06 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 078A 94 KB
28 KB 23ms
18ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb9eba0f98fc3a5c9cfa55a0c43ea1d24c5f2e388f06612f404e09fe83fcbc6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Apr 2023 17:10:06 GMT
age: 95967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28939
x-xss-protection: 0
server: sffe
etag: "55c7a8d78e6c0bd3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 09 Apr 2024 17:10:06 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 078A 5 KB
2 KB 26ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2262d50696110a18e87fa0ac8edb8b9860bccb89680a5c04bad6a5246892090b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Apr 2023 17:10:06 GMT
age: 95967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "d57b42639333a446"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 09 Apr 2024 17:10:06 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame 078A 40 KB
13 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba1c1cba103b212eaa4c5aea8268a6e94d3e0d39a16d5d094b604790db6d4fd5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Apr 2023 17:10:06 GMT
age: 95967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12940
x-xss-protection: 0
server: sffe
etag: "aa817619b4e21783"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 09 Apr 2024 17:10:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 078A 8 KB
966 B 28ms
23ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 19:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 18:15:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 19:49:33 GMT

GET
H3 200 de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 078A 3 KB
3 KB 19ms
15ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/de.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
server: cafe
age: 6261
etag: 6601037253665971276
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2958
x-xss-protection: 0
expires: Wed, 12 Apr 2023 18:05:12 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 078A 295 B
319 B 23ms
19ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:10:18 GMT
x-content-type-options: nosniff
server: cafe
age: 31155
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 12 Apr 2023 11:10:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 078A 0
0 28ms
25ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRLL-_2RkfDkJpqB6cS6fy5tRaUwXRcDIRFxfglWaqwuEwSFtHfZT0hfxUraXeg8TFDdYsN_rmeRw_-eZ4npTYvpVVX7w
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 078A 0
0 61ms
58ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CChPFzbk1ZNumEf2g1fAP2-GhmA3ZtYDCar-7y_uMB7XJ_d8FEAEggv6mF2CVgoCAuAegAZW2r54DyAEB4AIAqAMByAMKqgSAAk_QZBBj3DBzuQdsYWnxvUSNuDKB-KjObZhszn9lkWcTca-6rS-_64_TOrgeiGzUB4WtmRA5ZlgSYwctxUcHQ5yR1T1K-tjmCL_kydErjbbPzijXlQnB1_LbkXy_X_diM65gYMNok74EgvcAW6Hq53vdLCSyOa_Jo2Z62iJ2EjZwAbo_f8fgD1HQUbWi8l7LOKwBn2B1PeX0cvg2Ivbb6K-yOhQd0KTY1Yactn41jgyYmtiylgKofD91Qxo6WRUjNKpoTl-Iap9VWktFfzTSpfjJuckm78_kOfVqypR12HjKP3XWoWTVtrRYQsrDh61d7b7x8RyaSmqntIASnztxsV_ABInzovvQAeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAZRgAfTydBhqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQzLoF0ggSCIDhgBAQARgdMgKqAjoDgMADgAoDyAsB2BMMiBQC0BUBmBYBgBcBshceChwIABIUcHViLTk0MzEyOTgwMzU1NzkyMDAYtrgT&sigh=YF6C9QVBDKk&uach_m=[UACH]&cid=CAQSPADUE5ymo-fJGlSIX6YhWTrLJqCLdQZ_1NNOn3RWg2qH-atodWMO36Id7Sy9Egd5-1yNZuM4lL4lTlsPHxgB
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 078A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6aae9c185806eb037c8c72be952d28e4d3188857aa12965bb132a5a782f94ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 078A 29 KB
29 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.weihnachtsgeschichten.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:54:53 GMT
x-content-type-options: nosniff
age: 78880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Apr 2024 21:54:53 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 078A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

28ms
28ms

Image
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H2
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Redirect headers

date: Tue, 11 Apr 2023 19:49:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 078A 0
234 B 382ms
127ms Ping
image/gif 2607:f8b0:4001:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1681242573800&qqid=CJvB8tLMov4CFX1QFQgd23AI0w&rt=any.link.7.q.a.f.0.0.1by1.1bpp~any.script.8.o.1.h.0.0.49q.41e~any.script.8.v.7.i.0.0.mk7.mbv~any.script.8.s.1.l.0.0.1p8.1gw~any.script.8.s.1.m.0.0.a7s.9zg~any.link.8.u.1.o.0.0.wd.o1~any.img.9.p.6.e.0.0.2ii.2a6~any.img.9.t.5.j.0.0.gj.87~any.img.a.t.13.0.0.0.0.0~any.img.a.1r.21.0.0.0.0.0&met.a4a=dcl.6~ol.6~nvs.1681242573690~ini.1681242573801
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304040531000/v0/amp-analytics-0.1.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c08::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.weihnachtsgeschichten.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 19:49:34 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EACD 6 KB
3 KB 15ms
15ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weihnachtsgeschichten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 19:49:32 GMT
expires: Wed, 10 Apr 2024 19:49:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EACD 0
0 60ms
59ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CxxyPzbk1ZNnOLcPBxgPHv4wIyZ7SsVzVnZH3cMCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0yNDQyMzkxMzcxMTA0MDY3yAEJqQKyZy8ba0myPuACAKgDAaoEmQJP0LobEYxQqZKnvPOx6Ej9YLEjkzDuWQFPEsIJBJU2GBgsNAL9-44it6BN-NnuJ5kgugiTMiOaPgGlv010g5cUsSoRZZKC5E1Qqx0-8tD3QcOATsp1titK1BDdDM2Et6zAMlh6HmWz5w16nsMDOC0vQQ8a5Ud0vZLyvqh9JZ4myW2DwSXarm7bcpYnyCa0yG1geCuF14oOdSIRahrPyzR6wjjIAbxmXqYpR5JFlnRYu2oUOUt5QJrkpaINY4RK1The4tlZ7HzhDNIugVOzxloLkcmTDmPBI1LDcvzdCxn0JrJH4gA_4xaABf7l2PnRMCmEwBU5JguHYVjm5NAjrWZCnY3XF4OKLy36qQEI5ebA_88J6K1xmKkxouAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBAIgOGAEBABMgKqAjoDgMADgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTI0NDIzOTEzNzExMDQwNjcYtrgT&sigh=0xLL4rRclcI&uach_m=[UACH]&cid=CAQSOwBygQiDwzdNJoFMQB4N210yKDMndh4RiwpJ_qnK5S8jqSQ7oa4jbB2tw6_fstwtqQGSIVIgg8qZaVS8GAE
Requested by: Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame EACD 0
0 43ms
13ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k6W_EPCHB6wC-gGdg2ICAgAAAKd9-7_9SRTy_cKMqR8Omu8Qzbk1ZLKkIrPeJ05dDbcAABIAAAoKQVFVREFRRUJBUQ&wp=ZDW5zQALZ1kKcaDDAAMfx_CTHvlaMSuqVGyW9Q

Requested by

Host: www.weihnachtsgeschichten.net
URL: https://www.weihnachtsgeschichten.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 170248
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 16BA 193 KB
57 KB 101ms
99ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZDW5zQALZ1kKcaDDAAMfx_CTHvlaMSuqVGyW9Q&u=%7Cn6kHlRSpbS3R8b9oel5zSBuXplFIAVJUvdp%2FIU4FvGs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZes0XRMyVMt2NSKovuat8dVv_gb-hLv0X_LZiqFHZaHV6eu-D4cKoREtp2C9nC4lZdOYlJlhiu5RmPn50A9FCAKRSagbCoY3Hrd3BWbPjnfWGrMNtQNiEJBvvrtBv_qGvZinyKPV4DUyt4OBAc1_7AS2vxziVYMeaesTJ9VoZGCTkk_w3Uukn3Wil0MrSaKMwEZck5k3m-1mE4yDrnao5Va6s2pLjDvelCoB05XDOk28IPcDHr67EOA-IJDrgMYxJNyzGQytxEqVOHIwZSgbDu1_ALijluvuMcy8YAafZQl6ojncH6SlC_V6LypPKfvHWOrOmKkVg_w4owDFW-QlTdJBjaFWMdE4rgQtj0UiyjQrjrFdSIZHKBZ6OeSKMq2f8Lb7OzEkqyiZy_M9gQzlugrF67Q35ssAAn6mV__x1ohNPQSlz97STEd8zmyEXB-JF1Cmvkywadfqr0L9rPeuTwJfCVnC3qBaZNIXvugJNmRg_tvxypEDnsNKSAZpt_TjLWw20te8Uvs2tIRWS27P9biroZusAtOfrdIJrpEHfmX1hmaVklyy5T3Aq3pIx9AraKgEgG0Y5aMbGsjvJ1-Io7yuS87SZqutdFnYU1u0FU26nxWi6S6UvOPpIyHMzM9sREb4eLgclIv5e1uG3hNDPM14A7iOaBxD_UnX9GzTuvTLkjhJwblB3YONAglrml_55Vcn1QU3S3sHqR8X5rFuiL1wPry0N3FuYVIDxfXTjog0p9NAOk6iDmwUAqdptYhugYnHt9f8wHAoB1dWg2LG9sqfSYJzDUbxdCOGDNYwlopTw_8COeCzc2oKpNw6yo_qphJz4Que39WMFhnLO6sOJwdFKYNZSpjwNglwP1aJd5qKyhPKZQmUksSHYOp3oWDVwkrn52y_VW--V07MDb-J_KSajxpepjoaCCO6xT9AgKzienu5UA1YZ6f0QwnkO81qy4HRleX8MMWwa-2VmUgB5M0_KNgLemTGunr-QeS3EZfAtmTC22IkbK4Ii_ezPLAaiEwqXOFTEix-OJCFTF0vVyhgExZeBhiiDHRSEkQBBv_4hrY2Bv3l1BxMIWflX368cTvQTmmW-An2_Kh8guPmpUyPvlpaj4L0Wk71Hco1E9nIhyU2xMSg9kaCCEj77xTPMFz-GEAI53KcOTpcXSCq1qEc-ZYfibKrGJysZnQxX7WN2O7k0RQCIAgkfof0FsZoHu4d5YY5r05bw52HBNhYEqcU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDpDbzbk1ZNnOLcPBxgPHv4wIyZ7SsVzVnZH3cMCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0yNDQyMzkxMzcxMTA0MDY3yAEJqQKyZy8ba0myPuACAKgDAaoEnAJP0LobEYxQqZKnvPOx6Ej9YLEjkzDuWQFPEsIJBJU2GBgsNAL9-44it6BN-NnuJ5kgugiTMiOaPgGlv010g5cUsSoRZZKC5E1Qqx0-8tD3QcOATsp1titK1BDdDM2Et6zAMlh6HmWz5w16nsMDOC0vQQ8a5Ud0vZLyvqh9JZ4myW2DwSXarm7bcpYnyCa0yG1geCuF14oOdSIRahrPyzR6wjjIAbxmXqYpR5JFlnRYu2oUOUt5QJrkpaINY4RK1The4tlZ7HzhDNIugVOzxloLkcmTDmPBI1LDcvzdCxn0JrJH4gA_4xaABf7l2PnRMCmEwBV7JCoV5td692-_ucWSoCsvHpeAmSfUsYO8LdtmDXAXxLX0Mi0iHf9Yw-AEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBAIgOGAEBABMgKqAjoDgMAD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MsZDr8OT2VprFfKd87alr65C7NQ%26client%3Dca-pub-2442391371104067%26adurl%3D

Requested by

Host: 4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com
URL: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4fd396b2e755caacaca4ee5604496f7b7319141cb4ca3edcb166deaae4cc3297

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 19:49:33 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=zw4BxFI4A59-HRhV3J8V8rBqSrAYMswZVGiG02YZ8WDGSMCj-f6djynfRetr_KhIhG3M8vnuyNzn3x64l3T2gAzQS1miB_MWOjwYPy6Zkj-ck77gTgqorzXLMokYm6aIoHrMbPvRjaC8LmRjqY9a9uaX6QoIYTflS7zwJyx8uhkyj1zQR1VkZupKOuYM4snUTz8dwqrMSYRTDvDh13hxMQeOxWwQfsLZn3BDEhbOt5YwjC78J7_OGaHBaYM"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 81519726
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame EACD 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com
URL: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 19:31:34 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame EACD 20 KB
8 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com
URL: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:40:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:40:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EACD 0
0 23ms
21ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTUMiTHVGJWtuoQDgV3vgf6aS7dR0xvwqQac7K6Ygar_ZAYZ88Eaw13eJvxnoRau0XzyaI85xdPmGMZczM4qS_pJuEBiw
Requested by: Host: 4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com
URL: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EACD 24 KB
6 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com
URL: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 12:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 Apr 2024 12:48:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EACD 159 KB
49 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com
URL: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 19:49:34 GMT

GET
DATA 200
OK truncated
/ Frame EACD 222 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49685cce034485726508e64c453fdc606dc54dc1977404a949be092b6d2987b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 16BA 2 KB
1 KB 127ms
126ms Image
image/svg+xml 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZDW5zQALZ1kKcaDDAAMfx_CTHvlaMSuqVGyW9Q&u=%7Cn6kHlRSpbS3R8b9oel5zSBuXplFIAVJUvdp%2FIU4FvGs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZes0XRMyVMt2NSKovuat8dVv_gb-hLv0X_LZiqFHZaHV6eu-D4cKoREtp2C9nC4lZdOYlJlhiu5RmPn50A9FCAKRSagbCoY3Hrd3BWbPjnfWGrMNtQNiEJBvvrtBv_qGvZinyKPV4DUyt4OBAc1_7AS2vxziVYMeaesTJ9VoZGCTkk_w3Uukn3Wil0MrSaKMwEZck5k3m-1mE4yDrnao5Va6s2pLjDvelCoB05XDOk28IPcDHr67EOA-IJDrgMYxJNyzGQytxEqVOHIwZSgbDu1_ALijluvuMcy8YAafZQl6ojncH6SlC_V6LypPKfvHWOrOmKkVg_w4owDFW-QlTdJBjaFWMdE4rgQtj0UiyjQrjrFdSIZHKBZ6OeSKMq2f8Lb7OzEkqyiZy_M9gQzlugrF67Q35ssAAn6mV__x1ohNPQSlz97STEd8zmyEXB-JF1Cmvkywadfqr0L9rPeuTwJfCVnC3qBaZNIXvugJNmRg_tvxypEDnsNKSAZpt_TjLWw20te8Uvs2tIRWS27P9biroZusAtOfrdIJrpEHfmX1hmaVklyy5T3Aq3pIx9AraKgEgG0Y5aMbGsjvJ1-Io7yuS87SZqutdFnYU1u0FU26nxWi6S6UvOPpIyHMzM9sREb4eLgclIv5e1uG3hNDPM14A7iOaBxD_UnX9GzTuvTLkjhJwblB3YONAglrml_55Vcn1QU3S3sHqR8X5rFuiL1wPry0N3FuYVIDxfXTjog0p9NAOk6iDmwUAqdptYhugYnHt9f8wHAoB1dWg2LG9sqfSYJzDUbxdCOGDNYwlopTw_8COeCzc2oKpNw6yo_qphJz4Que39WMFhnLO6sOJwdFKYNZSpjwNglwP1aJd5qKyhPKZQmUksSHYOp3oWDVwkrn52y_VW--V07MDb-J_KSajxpepjoaCCO6xT9AgKzienu5UA1YZ6f0QwnkO81qy4HRleX8MMWwa-2VmUgB5M0_KNgLemTGunr-QeS3EZfAtmTC22IkbK4Ii_ezPLAaiEwqXOFTEix-OJCFTF0vVyhgExZeBhiiDHRSEkQBBv_4hrY2Bv3l1BxMIWflX368cTvQTmmW-An2_Kh8guPmpUyPvlpaj4L0Wk71Hco1E9nIhyU2xMSg9kaCCEj77xTPMFz-GEAI53KcOTpcXSCq1qEc-ZYfibKrGJysZnQxX7WN2O7k0RQCIAgkfof0FsZoHu4d5YY5r05bw52HBNhYEqcU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDpDbzbk1ZNnOLcPBxgPHv4wIyZ7SsVzVnZH3cMCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0yNDQyMzkxMzcxMTA0MDY3yAEJqQKyZy8ba0myPuACAKgDAaoEnAJP0LobEYxQqZKnvPOx6Ej9YLEjkzDuWQFPEsIJBJU2GBgsNAL9-44it6BN-NnuJ5kgugiTMiOaPgGlv010g5cUsSoRZZKC5E1Qqx0-8tD3QcOATsp1titK1BDdDM2Et6zAMlh6HmWz5w16nsMDOC0vQQ8a5Ud0vZLyvqh9JZ4myW2DwSXarm7bcpYnyCa0yG1geCuF14oOdSIRahrPyzR6wjjIAbxmXqYpR5JFlnRYu2oUOUt5QJrkpaINY4RK1The4tlZ7HzhDNIugVOzxloLkcmTDmPBI1LDcvzdCxn0JrJH4gA_4xaABf7l2PnRMCmEwBV7JCoV5td692-_ucWSoCsvHpeAmSfUsYO8LdtmDXAXxLX0Mi0iHf9Yw-AEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBAIgOGAEBABMgKqAjoDgMAD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MsZDr8OT2VprFfKd87alr65C7NQ%26client%3Dca-pub-2442391371104067%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 19:49:34 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 16BA 2 KB
1 KB 130ms
130ms Image
image/svg+xml 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 19:49:34 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 16BA 308 B
636 B 131ms
130ms Image
image/svg+xml 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 05 Apr 2024 19:49:34 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 16BA 293 B
621 B 133ms
133ms Image
image/svg+xml 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 05 Apr 2024 19:49:34 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 16BA 43 B
347 B 21ms
20ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=WtIYnzUqsPqWjF9MLwhLzEP9m2TMXk8nnk3BfkL17HrTirZ_P_hIU6LhQS9p5G-NAuo_R09DlZl6yOsTjC2uJPE0fC1XcNiB3XzlsSxBu8Hso0NDh8u7Op-bdRqChdAj4x6nKjPw1RrD8pjjTQyQhJtSULj5Oguffj7KyUKwcXhYv91_Z8Lc9Yp1ZuzxXfM2wx21Olcx3s4RA4gAMcMOdSf3AZO796jZEu9gGiEpGUgrW20RBXN6gSqeaOdxMGLzpxkg9KCzDwTicoMkvnjEQnJ4r0_s3N4D8D6_FaXB8vG5v1ho-SqZUBv8n1kjDBrEz3QJGAfltjoOxxgWOyvD5j6UBwo32SyrOw5OOnA3wI6fDkYkxLO2HbBE_VsKHMCx6e7Do_qzmdW46jkzpgpVF3fd7YOLvHQr0A58NW7Lmu5jQP-Z

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 19:49:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2716862
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 16BA 12 KB
5 KB 22ms
22ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 516293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIHxvz2LOQPLmmbb5RPKy4ycCnuJTOoX3p3efVY6Ui02CSWGoqwFKWRwzmzu%2Fg%2BK6kPawx2cjEydO%2F9P7hXlQi731R3Zww1lO6lsrZx52HwcthvLSfVvEzztnde23US7gXnSZkqRnGG8eIIp9%2FSznkll"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b65c0e8e91bb945-AMS
expires: Sun, 31 Mar 2024 19:49:34 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 16BA 12 KB
6 KB 133ms
132ms Script
text/javascript 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 19:49:34 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 16BA 46 KB
46 KB 142ms
142ms Font
application/octet-stream 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 19:49:34 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 16BA 4 KB
4 KB 119ms
61ms Image
image/png 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=76&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F230313%2F083d2df2aad24ff99da4ddde5249fccb_bonprix_logo_rgb_pos.png&v=3&w=596&s=BuGsVd_XXB_cJuha3sFbg6Xg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

373ba48b56807d5a1cb7543baf8ce84905515dd20e779f85cad07f1a84c39d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30567677
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3626
expires: Sat, 30 Mar 2024 14:50:51 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 16BA 36 KB
36 KB 88ms
31ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F230322%2F14ecda8cf7ba4e5cb5f32158117fbbc2_img_horizontal_1.jpg&v=3&w=1200&s=RUaJHmZ0yY-VgpWteVL4ijNX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

da97f6bfdb4afd8d17a4474efdb010638699cbdd65829d7f5ce36aa09d427493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30568010
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 36678
expires: Sat, 30 Mar 2024 14:56:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 16BA 38 KB
38 KB 94ms
37ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22243969-8wC1DnoI.jpg&v=3&w=400&s=lr6Kw8XWmuAxr5zeRWEGZKGU&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

0288eb93c31d03e23e58441e2772eab2f9b26e9364fcebf21ee557c7fb618604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=70033
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 38400
expires: Wed, 12 Apr 2023 15:16:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 16BA 43 KB
44 KB 126ms
69ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1610962299%2F21009275-aLEEk034.jpg&v=3&w=400&s=pTXfj3STA8E4oZ5MxhkfGLck&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

458150360c0f0180dc4a4210cf02a2a067eec5d33ee821671fce942b5ac3b5d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=69144
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44496
expires: Wed, 12 Apr 2023 15:01:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 16BA 18 KB
19 KB 116ms
59ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21312375-7awBP5eY.jpg&v=3&w=400&s=_jyyL-WiQRlPVks84nH30Pgu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

7f5d6d8267a0531cce7362cf41c91442ce8b0168a6a9cce048de4ea4de4d8611

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=86307
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18878
expires: Wed, 12 Apr 2023 19:48:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 16BA 43 KB
43 KB 119ms
62ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1673278181%2F23002942-NvvsniCG.jpg&v=3&w=400&s=27ESVs6p7OME_DXAOTsbbYNI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

47058b99a83d6c9e1d026d91c5bd7d4dedade296897ebb48290d297056acec06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=81649
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 43986
expires: Wed, 12 Apr 2023 18:30:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 16BA 17 KB
18 KB 51ms
50ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1565190324%2F19233655-skkURgNS.jpg&v=3&w=400&s=JbFBCHrltrmrl96mJdNsuYuA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f944ba562f509607822e78c0329e94e47bc7aaf5ee422edd28dccbc5934dbd4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=74439
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17830
expires: Wed, 12 Apr 2023 16:30:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 16BA 12 KB
13 KB 49ms
47ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1673384406%2F22253988-zOGswhSH.jpg&v=3&w=400&s=yikqfSFPHGV93pL_6ZliuARE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

7c731b9afd7dd8c8cbe469e41ca13d04ba84e6d901849da14dc76eca647994cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=68644
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12686
expires: Wed, 12 Apr 2023 14:53:38 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 16BA 14 KB
14 KB 56ms
55ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23058936-MDBlltIM.jpg&v=3&w=400&s=LyfuJS266bkeb2Mg8KqORiYe&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5b66a4e4a5879abe277bab2c29d18583df8ca8c498dff1e3007fc2d26b0895aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=324661
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13908
expires: Sat, 15 Apr 2023 14:00:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 16BA 27 KB
27 KB 55ms
54ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21238039-d8tsKebj.jpg&v=3&w=400&s=EDQu0y_Las_aJMMAxDgegjHu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

6b420bc3dbeb00746b1867435b028fc9c08c48a64d438005446300673782290b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=126250
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27142
expires: Thu, 13 Apr 2023 06:53:45 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 16BA 20 KB
20 KB 62ms
61ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23003956-aJ3NgC4H.jpg&v=3&w=400&s=ENKJqvz6m9OoM72A-75gvspo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

6da59735ed3329762799fd395fbfc17fe2a3a46fae8f9bc5c9646996b15a7597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=69194
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20354
expires: Wed, 12 Apr 2023 15:02:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 16BA 36 KB
36 KB 59ms
58ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22040888-uNd8CmT1.jpg&v=3&w=400&s=QBkPICDeUHXAWAgwOnV90IXR&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f85e39a65be1e99eb40813edcbbe9bee39e542c1ecd29f7a6d51ca8b5003b919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=176787
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 36954
expires: Thu, 13 Apr 2023 20:56:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 16BA 10 KB
10 KB 57ms
56ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F17213415-Qucwi5uP.jpg&v=3&w=400&s=ID_MfhjKEmyH5p_Mi8f8V2Hj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c3d87dbbba452b9eb97a216dc98ba3a26df9c7da0be8cc1f865d4c30890bef4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=68883
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9732
expires: Wed, 12 Apr 2023 14:57:37 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 16BA 17 KB
17 KB 58ms
57ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F20186117-TKB22Zeh.jpg&v=3&w=400&s=spcmFRma-YEutYB3qE3D3d-A&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

9930214eb3c68bffb834f75439676a1812f126d9d5a9e628522f468aa9bfd64d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=127155
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17094
expires: Thu, 13 Apr 2023 07:08:50 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 16BA 0
127 B 14ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=zw4BxFI4A59-HRhV3J8V8rBqSrAYMswZVGiG02YZ8WDGSMCj-f6djynfRetr_KhIhG3M8vnuyNzn3x64l3T2gAzQS1miB_MWOjwYPy6Zkj-ck77gTgqorzXLMokYm6aIoHrMbPvRjaC8LmRjqY9a9uaX6QoIYTflS7zwJyx8uhkyj1zQR1VkZupKOuYM4snUTz8dwqrMSYRTDvDh13hxMQeOxWwQfsLZn3BDEhbOt5YwjC78J7_OGaHBaYM&sds=2&rev=85712&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 11 Apr 2023 19:49:33 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 16BA 2 KB
1 KB 127ms
127ms Image
image/svg+xml 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 19:49:34 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 16BA 2 KB
1 KB 130ms
130ms Image
image/svg+xml 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:49:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Apr 2024 19:49:34 GMT

GET
H2 200 6185784206 Show response
dfp-gateway.s-onetag.com/1/27763518/ 116 B
599 B 69ms
8ms Fetch
application/json 18.66.97.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dfp-gateway.s-onetag.com/1/27763518/6185784206
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/925b4fd4-a51e-4daa-a4dc-0bc3fa9e7208/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-66.fra56.r.cloudfront.net
Software: /
Resource Hash: 9d7faf4d3afeacbaffff15ccc2bbef92c0d6bd44c414cf554e33fbff736434ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:08:41 GMT
via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront), 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2, FRA56-P2
age: 67253
x-amzn-trace-id: Root=1-6434b319-33715f5746e1a9594e40c546;Sampled=0;lineage=9eb5b80d:0
x-amzn-requestid: 1e38bac1-926d-4b4d-a20e-de9f11837a53
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amz-apigw-id: DMDsCFYzCYcFliA=
content-length: 116
x-amz-cf-id: jxO45csvJ021bRpIlzyugbhkC5Nqw0MpyaplH2_SlEJsDu3kkafDTQ==

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C5DF 42 B
64 B 230ms
230ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssatUraEQoThjNdXf9LdT74quDLZPj0KznZegr5FAS0Rdj04rXJM1L33Hx67JlnowJ5K8r2jmkIma3Wgo-1AaYeQngWeTsV179nZxx1arwowLmx7nrCqhSsYgzdQlit_PIlUKPG-zQ&sai=AMfl-YQnALQKgFrwqddXRwXdvr6QvK9cOFLqDMVMB_RX-jmZspAaLBwc92HNhUwn-UusZIxiP0-Jo-hVC2OEsnqg8wAPzp-Ry7Snkp1SzFnFzriy9ZCn4CMbIT511yc&sig=Cg0ArKJSzMUTdSvHxrlVEAE&cid=CAQSOwBygQiDQU_1-HibqrBWCVYD6QfsiEHy5gjmXN8WhkPquo04_wiQWFTqHjoygQ4sMIBa3l0gOgjUeBlYGAE&id=ampim&o=513,65&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=236&tls=1236&g=100&h=100&tt=1237&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 19:49:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 078A 42 B
64 B 163ms
163ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgj_Ill3fn-auBMijc7cu9RC6Bs8tT0ypcaLZnobOuX1w9bVJNOBGxsugO91inPkPfmwqyFFGjaJi2-fJy7ORKNoe19iQoThYBFM5maXcdSCP0_21c5vVANhT2ONKIrZXZE5oo-aM&sai=AMfl-YQ5nEfbeTg4W33gVumV05fN8jrvHaXDMLAyrrqG_tq_O1nWHAubuASWPsUQOqlrbdfwdr5IextYZjhmUXNaOclwGk76pch6cW-RJXt0wz9jeiOUMvMQujtM30yh&sig=Cg0ArKJSzLa8TuJizXsMEAE&cid=CAQSPADUE5ymo-fJGlSIX6YhWTrLJqCLdQZ_1NNOn3RWg2qH-atodWMO36Id7Sy9Egd5-1yNZuM4lL4lTlsPHxgB&id=ampim&o=0,55&d=900,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=112&tls=1112&g=100&h=100&tt=1112&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weihnachtsgeschichten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 19:49:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.weihnachtsgeschichten.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9ri80ppil6h4ra45g1j6bnpu58
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: PlRGUSn9xCA
.youtube.com/	1970-01-20 15:19:54	Name: VISITOR_INFO1_LIVE Value: WmyauUTepqM
.weihnachtsgeschichten.net/	1969-12-31 23:59:59	Name: src Value:
.weihnachtsgeschichten.net/	1970-01-20 11:43:54	Name: _TStfc Value: 124257180075
.weihnachtsgeschichten.net/	1970-01-20 19:46:18	Name: _ym_uid Value: 1681242572426461360
.weihnachtsgeschichten.net/	1970-01-20 19:46:18	Name: _ym_d Value: 1681242572
.mc.yandex.com/	1970-01-20 11:00:43	Name: sync_cookie_csrf Value: 3470262030fake
.weihnachtsgeschichten.net/	1970-01-20 19:46:18	Name: __cmpconsentx55325 Value: CPqDl4APqDl4AAfUtBENC_CgAP_AAH_AAAigJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIAA
.weihnachtsgeschichten.net/	1970-01-20 19:46:18	Name: __cmpcccx55325 Value: aBPqGUH3gAAJAABAAGAAsABoAFwANAAeABGACUAFAAPAAgACHAKeBYEC0QKNAUtgAA
.weihnachtsgeschichten.net/	1970-01-20 19:46:18	Name: __cmpccpausps Value: 1YNN
.weihnachtsgeschichten.net/	1970-01-20 11:01:54	Name: _ym_isad Value: 2
.consentmanager.net/	1970-01-20 19:46:18	Name: __cmpconsentx55325 Value: CPqDl4APqDl4AAfUtBENC_CgAP_AAH_AAAigJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIJSsR5D5MDWFBWX57QMskWYUX0MAVZyADChaAAaABCDAAcKQAkkEaIAyAAAACAQgAIBYBAAAADAlAAEAQQIhBAAHgAgAEoBAIIAAEABERQUIAAAoKAIgAEAAIAAExKECAkALQAobiREAAkIAiQIAAgAAAAIABAhMAAAAIAAACAAIAAACAAAAAAAAAAAACABAAAAAAAAAAIAA
.consentmanager.net/	1970-01-20 19:46:18	Name: __cmpcccx55325 Value: aBPqGUH3gAAJAABAAGAAsABoAFwANAAeABGACUAFAAPAAgACHAKeBYEC0QKNAUtgAA
.mc.yandex.ru/	1970-01-20 11:00:43	Name: sync_cookie_csrf Value: 1059982148fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2527409961681242572
.yandex.com/	1970-01-20 20:36:42	Name: i Value: bq4tteKPOSxDM2dPHDTMm+wBunHRYa8BFjvburhc3BHkOt3CbPBgjMVKwJ+IB56Cen0LHRk1NMdS0qDQ/QbSIcnc96o=
.yandex.com/	1970-01-20 20:36:42	Name: yandexuid Value: 5854107711681242572
.yandex.com/	1970-01-20 19:46:18	Name: yuidss Value: 5854107711681242572
.yandex.com/	1970-01-20 19:46:18	Name: ymex Value: 1712778572.yc.1681242572#1712778572.yrts.1681242572#1712778572.yrtsi.1681242572
.teads.tv/	1970-01-20 19:44:52	Name: tt_viewer Value: 16e1e9c6-546a-481e-b908-aa1eaa4ed3b0
.xplosion.de/	1970-01-20 19:46:18	Name: pid Value: BSw3BS78BDaFBD7sBDb0EiJFESUsESJZBD7AWDBABifABfrr
.xplosion.de/	1970-01-20 19:46:18	Name: pid_short Value: 5O5xyVHBOsynSDW2qd0FSSwk__rr
.xplosion.de/	1970-01-20 19:46:18	Name: pid_signature Value: BD5dEiuIWiR3EiWdEibkHqWlWdBCBs7AwDulWitbEQaZEqWbwsuIE_rr
.xplosion.de/	1970-01-20 19:46:18	Name: ep Value: ZDW5zPV7gT1Wnmpk0YUY
.awin1.com/	1970-01-20 11:10:47	Name: awpv11938 Value: 412871\|1681242572\|fa72b870-d8a1-11ed-b00f-2238801674a3
.awin1.com/	1970-01-20 11:02:08	Name: awpv14598 Value: 412863\|1681242572\|fa6216a0-d8a1-11ed-b339-2265b7c46fb7
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 371862:3254070
.congstar.de/	1970-01-20 11:10:54	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1681242572_fa72b870-d8a1-11ed-b00f-2238801674a3%22%2C%22sp%22%3A%22awin%22%7D
.criteo.com/	1970-01-20 20:22:18	Name: uid Value: 484811fd-fc91-4d7e-b371-3aef9403b852
.weihnachtsgeschichten.net/	1970-01-20 20:22:18	Name: cto_bundle Value: GTw-bV9CaW5JWWpIbk5OQXRZJTJCciUyQkJDSWk1NFVyaFF0RXdreUpWUjBxTWpRM3pSTlBXczB2dlNDR2JaRmV3ZFZ6VndtbHJmYzIwZHNVcTBlcXRQY2JnSWw0cUF2SERzcGZYJTJGMzZUbVE2MFFrRGclMkJ3TTNRQWdQMWtrVXJXVXZ3akxieGZBS3RJYUVhNEw0RUV3SHgwbWVuZTl3a0JxJTJCbiUyQkszRWg3OGJzblVhWndxbzglM0Q
.doubleclick.net/	1970-01-20 11:00:46	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 20:22:18	Name: IDE Value: AHWqTUlbmffhQUUVExoGYMwjuM78A78Bh1Qyl-90_CzH3mFb7Ivg5suZqxLBJ36FiXc
.weihnachtsgeschichten.net/	1970-01-20 20:22:18	Name: __gads Value: ID=55f4bedba711f284:T=1681242572:S=ALNI_MZhWcTwn4fJiZC5x-RCGOHnsHeeKw
.weihnachtsgeschichten.net/	1970-01-20 20:22:18	Name: __gpi Value: UID=00000c00972bdfa8:T=1681242572:RT=1681242572:S=ALNI_MaajyCMZYx2b84QoTmZz3S-I3UR7A

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.weihnachtsgeschichten.net/ Message: Refused to execute script from 'https://www.tisoomi-services.com/cookie' because its MIME type ('image/png') is not executable.
network	error	URL: https://track.webgains.com/link.html?wglinkid=3469551&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kz5s7k3g5yn4fscvbzxbqsyq3r4xghww227dfk4246xtgt3g9mmnkqfdt87mgd0qch9jd9wgbhp63g8xprz3wwqn2svyvk958deptg5a4c13emg4aqfhdtyv9r825f9vbyev9wppe5gr87f99d78zn5r2kmqn0jty9erygtr83y2xh3am92yzqw9q6dp5vcsraw9pe66s4efkde4gg5n8fw0entqwphagwr60pgzmgk152qtmktcb6thpe1hk4k68y74p0%26a%3D&clickref=oneidY36crf3f75M7UVH9HetgC6253tkSWt5zcroneid__weihnachtsgeschichten_advancedad_300x250&viewref=oneidxJGtQfAfZEKZsPHdHztQtmXEes7S4tRXaAoneid__weihnachtsgeschichten_advancedad_300x250 Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://signal-segments.s-onetag.com/desktop/www.weihnachtsgeschichten.net/%2F Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signal-segments.s-onetag.com/desktop/www.weihnachtsgeschichten.net Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4f35d8659104d143ce7349dbc9ecff75.safeframe.googlesyndication.com
a.teads.tv
aax.amazon-adsystem.com
ad.doubleclick.net
ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
as.ad4m.at
assets.ad4m.at
at.teads.tv
b.delivery.consentmanager.net
banner.congstar.de
bidder.criteo.com
c.amazon-adsystem.com
cat.fr3.eu.criteo.com
cdn.ampproject.org
cdn.consentmanager.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.unblockia.com
cdn.xplosion.de
cdnjs.cloudflare.com
csi.gstatic.com
csm.eu.criteo.net
dfp-gateway.s-onetag.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
imageproxy.eu.criteo.net
mc.yandex.com
mc.yandex.ru
mug.criteo.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
pix.eu.criteo.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
secure.quantserve.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-segments.s-onetag.com
static.criteo.net
storage.googleapis.com
t.teads.tv
tpc.googlesyndication.com
track.webgains.com
ups.xplosion.de
weihnachtsgeschichten.net
www.awin1.com
www.google.com
www.googletagservices.com
www.tisoomi-services.com
www.weihnachtsgeschichten.net
www.youtube.com
104.74.96.163
108.138.189.65
108.138.189.67
13.226.31.170
136.243.25.117
143.204.89.104
162.19.138.119
172.217.18.6
178.250.1.11
178.250.7.9
18.66.202.223
18.66.97.66
2.19.229.28
2600:9000:211e:8800:12:abfb:9280:93a1
2600:9000:2249:f600:e:29d5:db00:93a1
2600:9000:2361:2200:a:e047:752:b361
2606:4700:10::6816:3556
2606:4700:20::681a:ad1
2606:4700:3033::ac43:d65c
2606:4700:3036::6815:5dc9
2606:4700::6810:5814
2606:4700::6811:190e
2607:f8b0:4001:c08::5e
2620:100:a005::17
2620:100:a005::6
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:800::2001
2a00:1450:4001:806::2001
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:813::2001
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2010
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a02:2638:3::10
2a02:2638:3::1a
2a02:2638:3::9
2a02:2638:d::14
2a02:2638:d::4
2a02:2638:d::c
2a02:2638:d::d
2a02:6b8::1:119
2a02:6ea0:c700::11
34.224.205.52
34.243.91.200
35.179.69.18
65.9.66.22
87.118.116.9
87.230.98.74
88.221.169.49
95.101.201.49
0288eb93c31d03e23e58441e2772eab2f9b26e9364fcebf21ee557c7fb618604
0431f53f752ff02e33885c8a18d9cf0a93ca00a0c293925a82e8333c4f37e67f
0563b45e7f8099573475a80a342c9e71a371e453ae363335dcee0987ce087655
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b93e36b2cc1877a0bb4c842ef833fed8ae69ab78fa0920b91933f641fb5e55d
0bcc9d482e8dd462455df2b5a21d8918d7e9701ccecc7e79fcdaa23b6eedc809
1a272d12090faabe2251c1617b917bbc1d68088596c5a8be4d81fa1fc39dd911
1a55c314c1488fe74cf731441adccf2f398ebba43450d0ba90733f33e55a1735
1a99c7dc79dd2b64ac281c5c9f9e470aa37b28bbb958ef7bc8eff508cded8e25
1ef0a56094a418694fbf1370c4b805a7df2a9787f9dab804d40a0ee24330bb40
1fb9eba0f98fc3a5c9cfa55a0c43ea1d24c5f2e388f06612f404e09fe83fcbc6
20bc5468098ed5c93740df61828db61260fa90cfb749a155ec02499786d5fd3a
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
2262d50696110a18e87fa0ac8edb8b9860bccb89680a5c04bad6a5246892090b
2423911bd053d28baf9c0b4e448ee661ee4ff0be96c829cc52169eb6bee65d80
2b15114adb679270e25e0d47ca2d8ee278701c0a23d815ebcbbd0a4630211873
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ff3b8639d495868065a7d768463b690fe14a90c0b0b5a36df1ec4d23154cc52
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
356c268e7b85421e964dcaab6acdace018e92b446cd141a20d5d1412afad62a7
373ba48b56807d5a1cb7543baf8ce84905515dd20e779f85cad07f1a84c39d98
38894a9230bb56db5bfd52eda71aa97e9b94486062e533606285855b457b9b8d
3e19865caed6dbd12eacd00501eb4b382a1f0190df9cf2a8373d110bab7a47e1
3f73768613f925c342c620a9bcd75ed2c122048a54f092fae9fb73d7caff460e
41637486966b424136dc0e3a8a99778ff87343d67ebc83abbd49c2677d88bad1
42de4c706cb11215305adaef950fcc4d1f99bc15b7a40db694279ed9ca2928c1
441916a5d24a501c18147761572b98076484a80219acf3fa08d26f0a15bf459c
44eb36c6a65f0e63c18910d10ee5ff2aa72257bec74095ef363bd26a306af9b9
458150360c0f0180dc4a4210cf02a2a067eec5d33ee821671fce942b5ac3b5d1
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47058b99a83d6c9e1d026d91c5bd7d4dedade296897ebb48290d297056acec06
49552a1b265626ae43788c7a552f0e83b2a60c3b80a03f0a3ac5d897e19e5a4f
49685cce034485726508e64c453fdc606dc54dc1977404a949be092b6d2987b7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd396b2e755caacaca4ee5604496f7b7319141cb4ca3edcb166deaae4cc3297
5056f93d2315caf4c9d3a9c6a47f7b7ecbb29d2544909b9b1f296f6ab17e6b29
5123c1a40493444a739a3b0ac6da67ed7610b3b668a1397cecbeab3cb2fc215b
53b14a22cd3dc973d6cb1a381d01fafafc4da1632bacbf15f7fac0014fbe70c0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
558af190ee1198816209d5380742cc77f5d95268c8370eef630406372608da55
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5685c6d18f3b4ce927735266d3b2c03ba743e7d0c5e45ef030c4b3dbc01f65cb
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5afd32df487fe176ff7f72133df6c123d0c5c9d8d40c07633f8f294c24d4c2b9
5b66a4e4a5879abe277bab2c29d18583df8ca8c498dff1e3007fc2d26b0895aa
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68fcb61a8ac3a8cf22c7d9878462bdd7d18d0ce93d9b18e5b5013db8a1e3e0c3
6b420bc3dbeb00746b1867435b028fc9c08c48a64d438005446300673782290b
6da59735ed3329762799fd395fbfc17fe2a3a46fae8f9bc5c9646996b15a7597
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db
78cad1fb95d1e9bbe4a7b1f90fa38ef699314ee65bf914e65ffae62005103a8e
78fb143007b190d26f1979699eabd9251a9d892a526874860e6d707f6ef955b5
7904bd25b931a22db7b63e11873ae740bfa8fe70667f26956f1dfe1414051f1d
7b9027d30580fbd9485018b4d4d9b2a6bd19854aedba61de71f20602c7d96c60
7c731b9afd7dd8c8cbe469e41ca13d04ba84e6d901849da14dc76eca647994cd
7f5d6d8267a0531cce7362cf41c91442ce8b0168a6a9cce048de4ea4de4d8611
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
808ffaeee4006e4930f89f5dcf46f603eb173ecc365b8f3df2b822bb6747c0b8
82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d
834ca4b06d778e3a64a8836c99fdb7749502f7449dec585212f8019da28582f6
8452bd0c54b786349447609934bd1810af8c5158d43786939a8cd46c24bc108e
8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368
88233ad1abcd2282b53edb9465a6bef42fd32de319f014e4059353e4fd8a7e0a
89b0b16db8325b2c6db9a0f68eabea4c6ffab4022ee31fb5ea6ea64a2b19b0ad
8b54cb0cf73d15e576a970b9ff7ccd7c9b64024866676f36e23bc4ee3160bd28
8bedb4ceb0ab2b64b12fd004b32aa7adb261cf8d79940c84c855282ad6831de9
8d37935b6db3df045121d4fa638b598e7e4f0a71f16d4e533b26e8d26732d5d5
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
948eb970a25988ba04a01d5bf9b2d3851a4161541e03251ffba8cb86f93423ed
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
9930214eb3c68bffb834f75439676a1812f126d9d5a9e628522f468aa9bfd64d
9d7faf4d3afeacbaffff15ccc2bbef92c0d6bd44c414cf554e33fbff736434ea
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5bd4dc6b6ce4b5fd25f90bba75bf8d154c328d2df04fcb6cba0282a89a55187
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b0ee1b83a672e602c818711d3165f40b3c24571f136a76235b5e01bb542afd62
b5a06a61cc91207a0766de728cc62f1bc1c987a5baa2155a542248a6ba0d97f4
ba1c1cba103b212eaa4c5aea8268a6e94d3e0d39a16d5d094b604790db6d4fd5
bc3c32f656224f3d978f98454eccee6efd0426c6395d78c6c3b04d381ccc6284
bd24b4b8c732bd80d88debc30a03de2edbde4605a3732e2cc0cdc376a1226ad7
c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9
c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef
c3d87dbbba452b9eb97a216dc98ba3a26df9c7da0be8cc1f865d4c30890bef4a
c43100a4762ceeb85d6059db2560f8b0d6213c3b337a8dd3d6f86bf5b5e808d8
c68a81ddc0974891cf786f43ef55c340db91f3d5a63ec49c508143232e4ce654
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c8fe9974d280ce418c27964e3bed959eb66245539f9a3750d89b5d3ede82deb4
c9b5378b42fb210ba18bc1c6879c3deb075cd6c0a50f4ce42b703cddece693e1
c9d5d388649117caf4229e65edbf884be9f45e78259fb042e60ad1c112612b9c
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
cf3ec9895ff48b1e3211a783adac4f32716e64d669e319ea55e7cfe19cda73f1
cf9b07584547d5d561dfac9cdbf7b6a530cb72a1b7a1096411966036c4017d38
d12edf79a333c20b2ffdc2abfa2168c88d6105e2073cce1bee3b962191ea38f8
d34ddaf3483baa928b87cb4aacffe018dd3629135d76069b1a88c78ae03d98ec
d598e12633ef08d87ff323a25960b1e9615d89cd8303e795cc5639099356fcc1
d5f4c5bbbc157ab9adf6e30c766bf42de65fd31270c8f1c0dbdcee08816298f0
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
da97f6bfdb4afd8d17a4474efdb010638699cbdd65829d7f5ce36aa09d427493
dc5df900bc78feeee291153dc5df5f371ca6f697da0949af1d00c2370953bfbc
dee9a8f74f792db0d00d4692419aba18da305d4e64a259d3f00fec5710b41b4d
df26487b1ed2e48ac926acab48ce3ab66aff77772db93b5e93c337ab7046d282
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8252d0e0e68a3b766fdc139543efe434ec32e77cb40eb123ddcb9b7f5447ed9
e85425bd2e6b2f9e6214b358fe34dc87bb42551bbf11f253e96583c086d4f143
ec3f85924617eeebdbd208b1dc4fd4b521c505e7d4235705ef0d9db7f78c05dc
eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2b48eeb2d8be46e58fb71e59f7cf42be331a1bb07b1eb23b512b967e12a7ae
f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4
f1a3fceb926bc83c90ed9a582c94bee2ed6a2a804fd6b571a1c8c3e21631986e
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
f507f21aed06667c8a48e3556c929f0d3001bb708ff60bc4ca6c026369e5a65d
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6aae9c185806eb037c8c72be952d28e4d3188857aa12965bb132a5a782f94ae
f85e39a65be1e99eb40813edcbbe9bee39e542c1ecd29f7a6d51ca8b5003b919
f944ba562f509607822e78c0329e94e47bc7aaf5ee422edd28dccbc5934dbd4d

www.weihnachtsgeschichten.net Open in urlscan Pro 2606:4700:3033::ac43:d65c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

190 Requests

96 %HTTPS

63 %IPv6

31 Domains

60 Subdomains

56 IPs

7 Countries

3244 kBTransfer

6911 kBSize

35 Cookies

1 Outgoing links

Page URL History

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.weihnachtsgeschichten.net Open in urlscan Pro
2606:4700:3033::ac43:d65c Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

96 %
HTTPS

63 %
IPv6

31
Domains

60
Subdomains

56
IPs

7
Countries

3244 kB
Transfer

6911 kB
Size

35
Cookies

190 HTTP transactions
4 data transactions