urlscan.io logo urlscan.io
SecurityTrails logo

www.xgcartoon.com Open in urlscan Pro
169.150.222.217  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Submission: On July 16 via manual from US — Scanned from PT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 8 countries across 18 domains to perform 152 HTTP transactions. The main IP is 169.150.222.217, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on September 14th 2022. Valid for: a year.
This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 169.150.222.217 60068 (CDN77 ^_^)
12 142.250.185.97 15169 (GOOGLE)
5 104.22.47.147 13335 (CLOUDFLAR...)
8 142.250.186.130 15169 (GOOGLE)
15 172.217.16.130 15169 (GOOGLE)
1 172.64.160.31 13335 (CLOUDFLAR...)
6 216.58.212.161 15169 (GOOGLE)
1 142.250.185.110 15169 (GOOGLE)
24 172.217.16.193 15169 (GOOGLE)
49 142.250.184.226 15169 (GOOGLE)
6 142.250.186.98 15169 (GOOGLE)
6 142.250.186.100 15169 (GOOGLE)
4 11 142.250.181.226 15169 (GOOGLE)
2 4 185.80.39.216 27381 (CASALE-MEDIA)
2 3 37.252.173.215 29990 (ASN-APPNEX)
3 142.250.186.38 15169 (GOOGLE)
2 2 37.157.5.133 198622 (ADFORM)
1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 54.228.185.180 16509 (AMAZON-02)
2 2 13.248.245.213 16509 (AMAZON-02)
1 1 124.146.215.51 2514 (INFOSPHER...)
1 2 104.102.35.84 16625 (AKAMAI-AS)
1 1 35.208.249.213 19527 (GOOGLE-2)
152 19
4    169.150.222.217 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com
www.xgcartoon.com
12    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
cdn.ampproject.org
5    104.22.47.147 (None, )

ASN13335 (CLOUDFLARENET, US)
static-a.xgcartoon.com
8    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
adservice.google.com
googleads4.g.doubleclick.net
15    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
securepubads.g.doubleclick.net
1    172.64.160.31 (United States)

ASN13335 (CLOUDFLARENET, US)
amp.analytics-debugger.com
6    216.58.212.161 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f1.1e100.net
97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
1    142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net
www.google-analytics.com
24    172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f193.1e100.net
tpc.googlesyndication.com
49    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
6    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
www.googletagservices.com
6    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
11    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
4    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
3    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
3    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
s0.2mdn.net
2    37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    54.228.185.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-185-180.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    124.146.215.51 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    104.102.35.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com
sync.teads.tv
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
Apex Domain
Subdomains		 Transfer
72 googlesyndication.com
97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
1 MB
35 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
cm.g.doubleclick.net — Cisco Umbrella Rank: 254
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 346
115 KB
12 google.com
adservice.google.com — Cisco Umbrella Rank: 113
www.google.com — Cisco Umbrella Rank: 10
5 KB
12 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 391
251 KB
9 xgcartoon.com
www.xgcartoon.com
static-a.xgcartoon.com — Cisco Umbrella Rank: 505460
435 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
337 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635
3 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 325
74 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
2 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1425
452 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 422
954 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 633
1 KB
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1103
453 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1109
1017 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 688
604 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 9084
233 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
257 B
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 19625
3 KB
152 18
Domain Requested by
42 pagead2.googlesyndication.com 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
24 tpc.googlesyndication.com 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.xgcartoon.com
15 securepubads.g.doubleclick.net cdn.ampproject.org
97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
www.googletagservices.com
12 cdn.ampproject.org www.xgcartoon.com
cdn.ampproject.org
11 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
6 www.googletagservices.com 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
6 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com cdn.ampproject.org
6 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
5 static-a.xgcartoon.com www.xgcartoon.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 www.xgcartoon.com www.xgcartoon.com
3 s0.2mdn.net www.xgcartoon.com
s0.2mdn.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net www.xgcartoon.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 eb2.3lift.com 2 redirects
2 c1.adform.net 2 redirects
1 trace.mediago.io 1 redirects
1 tg.socdm.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 dsp.adkernel.com googleads.g.doubleclick.net
1 www.google-analytics.com cdn.ampproject.org
1 amp.analytics-debugger.com cdn.ampproject.org
152 25

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com
Subject Issuer Validity Valid
*.xgcartoon.com
AlphaSSL CA - SHA256 - G2		 2022-09-14 -
2023-10-16		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
xgcartoon.com
GTS CA 1P5		 2023-05-23 -
2023-08-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
analytics-debugger.com
GTS CA 1P5		 2023-05-20 -
2023-08-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh

This page contains 26 frames:

Primary Page: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Frame ID: CFCEC2D38120DBAD680F80AB81B80E97
Requests: 38 HTTP requests in this frame

Frame: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 037E2874998D6B387B45789D3A011118
Requests: 13 HTTP requests in this frame

Frame: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: CB92345B7E734E1A136F671F298AFE25
Requests: 12 HTTP requests in this frame

Frame: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: AC309EAE5F84F55A121D3804ED97A2B7
Requests: 12 HTTP requests in this frame

Frame: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 5D05BB1ED76F200C1245AE20472F16CC
Requests: 11 HTTP requests in this frame

Frame: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 9D31AC9B57DD10E655B5A28E63594337
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031637&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787556&bpp=29&bdt=502&idt=769&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2894059661&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42532278%2C42532280%2C31075849%2C31075879%2C31076089%2C44788441&oid=2&pvsid=641319743568916&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.wnfp0m35nhvn&fsb=1&dtd=837
Frame ID: 41D4F9FBE64B4C9ACBE0B9F8B799C239
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
Frame ID: 565F2193855B0251FE4379BEB0C26812
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031638&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787724&bpp=21&bdt=660&idt=715&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=2597708548&scr_x=-12245933&scr_y=-12245933&eid=42532279%2C44759927%2C44759876%2C44759837%2C42532277%2C31075849%2C31075879%2C31075882%2C44788442%2C44796476%2C21065724&oid=2&pvsid=2047191178837252&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rgb982m3s8hh&fsb=1&dtd=732
Frame ID: 0294398380FEDAEE1C9CAD2F03B08A28
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=2480770705&adf=816031633&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787807&bpp=17&bdt=481&idt=656&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=626553879&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075879%2C44788442%2C44796476%2C21065724&oid=2&pvsid=3252126994577579&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5fzh5q5sz5as&fsb=1&dtd=672
Frame ID: 5BFDDC2482446A6587E48623A3DF6160
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=1378402740&adf=816031632&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787898&bpp=35&bdt=724&idt=590&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=626553879&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759876%2C44759927%2C42532278%2C42532280%2C44788442&oid=2&pvsid=2486682076711114&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.oglvy6ehdndp&fsb=1&dtd=619
Frame ID: 00B2F6906E245497C7617F38AFD09B79
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDiLxCBwf-HAhiM-crwATAB&v=APEucNXPd55OL8ZhgowcVT_z-C6eTA0CRB7PbPVwdoPoEs2OIhje4gqX2kS_doeQIqgNL-3qqI4o53CQ_MPaf3tRbEdy7Xzjug
Frame ID: 4EABA527633F7705D527222453A5E8F7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 674D98D6408F7B9F312A11ED3B4E3C68
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 252E5EDC988BCD2EB4DA0F565BDB3C98
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 72EA6D9CB055473B458D66918BB3304C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 13D2CABAAD809189B7396A253AF48B83
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A7B99B57DCBDB9C65E9849792305855B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DD935BD254A3FCF10B9CF2E5D9205C08
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DB3DD70C91E63A008BFFA4C4C9AAD0B9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 155CD88021BF5023B5B186A3CAF0A235
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 37B6C91507D244BECA622C84CD73DECB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 883AC8850875B2D1D9218BE79764F5A6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CE6246DED8AA67161AE234B01B875574
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8779601321339454873/index.html?ev=01_250
Frame ID: D395F52E1E78B1F750C76F992771C352
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9E594600A26AC54E9F80942211AA6B7E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9658C43CBEDBAB8C20D4ACDB462ABBA7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

🍲枕刀歌【國語】 免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

152
Requests

93 %
HTTPS

0 %
IPv6

18
Domains

25
Subdomains

19
IPs

8
Countries

2319 kB
Transfer

6077 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlV08sSXsSIHoepGTRUGaw&google_cver=1
Request Chain 97
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLN2JZ70ivfjn18csMtl8gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlV08sSXsSIHoepGTRUGaw&google_cver=1
Request Chain 98
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFJuFi6c4CkaZLrP9CgeA4M&google_cver=1
Request Chain 99
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAzNDYwNzAxNTczMTc5MjM2Nw%3D%3D
Request Chain 121
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN4QrY-vZBdHUBw6ffchSAQ&google_cver=1&google_push=AaAOQGGCBjD0LlfXyJywVVIQ8v1W6-fyAUlBN1kTWz0tUVLu6i2q3v3URGMBjGsHrem0LjU_nstATcOPDr6hMFSxYGsmOwIZWIZX HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN4QrY-vZBdHUBw6ffchSAQ&google_cver=1&google_push=AaAOQGGCBjD0LlfXyJywVVIQ8v1W6-fyAUlBN1kTWz0tUVLu6i2q3v3URGMBjGsHrem0LjU_nstATcOPDr6hMFSxYGsmOwIZWIZX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM5OTAyMTUzNjQyNjE1MjQyOA&google_push=AaAOQGGCBjD0LlfXyJywVVIQ8v1W6-fyAUlBN1kTWz0tUVLu6i2q3v3URGMBjGsHrem0LjU_nstATcOPDr6hMFSxYGsmOwIZWIZX
Request Chain 123
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEAoxwLXZwJLo6RIm8J55M6c&google_cver=1&google_push=AaAOQGH4jdU34hJ9qHNxS15ZITB2zhEG535ftgri_pxFR1tQI1pTMTZ4Knn-s17FJltvObAEn2OQQMAOPriOxVAapH1xU-eI4iI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGH4jdU34hJ9qHNxS15ZITB2zhEG535ftgri_pxFR1tQI1pTMTZ4Knn-s17FJltvObAEn2OQQMAOPriOxVAapH1xU-eI4iI&google_hm=Z2YwMDgwOGM3OTU2ZTU4ZTk3M2U=
Request Chain 124
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEACTRC7p5LAkQM--07arGR0&google_cver=1&google_push=AaAOQGGdswVx9tK3t5GDE1pSCYLYP-hsnmVAP9Ac_1sgQcbBHvu6U-RcnO2qfyNe8PZ6GXNNatkh1l_q3xNQZB0b3H97veG6SQYC HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGGdswVx9tK3t5GDE1pSCYLYP-hsnmVAP9Ac_1sgQcbBHvu6U-RcnO2qfyNe8PZ6GXNNatkh1l_q3xNQZB0b3H97veG6SQYC&google_gid=CAESEACTRC7p5LAkQM--07arGR0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE3NzI2MDAwMjMwMTk1MTkwMDQzMA%3D%3D&google_push=AaAOQGGdswVx9tK3t5GDE1pSCYLYP-hsnmVAP9Ac_1sgQcbBHvu6U-RcnO2qfyNe8PZ6GXNNatkh1l_q3xNQZB0b3H97veG6SQYC
Request Chain 125
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEIg3pfHhHGspDgkDOmSxLGo&google_cver=1&google_push=AaAOQGER8ZIUH_AP36qt7n11algnNBWmRa0PVHFdNLM9dcWT9oNsGGEnYeaL9hhdqhrB4HD5wzrY30vWp44ewhYFiXDKTwL8UkE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AaAOQGER8ZIUH_AP36qt7n11algnNBWmRa0PVHFdNLM9dcWT9oNsGGEnYeaL9hhdqhrB4HD5wzrY30vWp44ewhYFiXDKTwL8UkE&google_hm=WkxOMkpzQ284WG9BQUMzbWJ5TUFBQUFB
Request Chain 126
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKhuQKr_saOd5hgCV9ZKT64&google_cver=1&google_push=AaAOQGF6zk8Z4H2TUF_PclbfhM8v3ghIj6c5veeEHdkmJa_jm64TgWtoSs_P_FWVbGSjLCg43_MJMBqC-TTeB5RhsHpsSM_Mf0bz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGF6zk8Z4H2TUF_PclbfhM8v3ghIj6c5veeEHdkmJa_jm64TgWtoSs_P_FWVbGSjLCg43_MJMBqC-TTeB5RhsHpsSM_Mf0bz HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 127
  • https://trace.mediago.io/cs/google?google_gid=CAESEBGhLWeFI5gjj-x9mHD9wWE&google_cver=1&google_push=AaAOQGFX6rjmcPfKox1c96kr0EZ-xgjjF1TJFyIeiFlLiF2Ln0iSbN2fBJAUAnKtx9bmLUsqVxjKzHgjOVpHQzRodBVKvs7ndVQi5A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AaAOQGFX6rjmcPfKox1c96kr0EZ-xgjjF1TJFyIeiFlLiF2Ln0iSbN2fBJAUAnKtx9bmLUsqVxjKzHgjOVpHQzRodBVKvs7ndVQi5A&google_hm=20bcf922e551aadd596bd9686167849a

152 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request zhendaogeguoyu-xuejinsheng
www.xgcartoon.com/detail/ 		77 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b97ba6fde356f823d6ee53bd8387bf76901a71fe5f4e846c15823ad195094f5d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 04:46:24 GMT
etag
"132fb-dfSs5SDZVM/feDrFGw46j+Z84wI"
expires
Sun, 16 Jul 2023 04:47:24 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		277 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
c7957cb5d31c5fe5776a6265fb232b4e6d389e7640555fb4274e7d4e8b4169e5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 16 Jul 2023 04:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72829
x-xss-protection
0
server
sffe
etag
"8304488b317d967d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Jul 2023 04:46:25 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
74d147083935eff827ac2e4ed54fc2e7dd254cab52095a0e4aa6159d8ffb470f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 16 Jul 2023 04:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23131
x-xss-protection
0
server
sffe
etag
"5bdd4272a04c205e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Jul 2023 04:46:25 GMT
amp-autocomplete-0.1.js
cdn.ampproject.org/v0/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
da2b00f6644d1fe22c76814a2a6ae6ea537bb034ec0a4b10e84a95f454e73a16
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 16 Jul 2023 04:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9444
x-xss-protection
0
server
sffe
etag
"f0049e37660ee780"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Jul 2023 04:46:25 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
8e15f658e000c4f28370a1c65556423b3e21296ea22fdaa9eac537fee9b5e817
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 16 Jul 2023 04:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14977
x-xss-protection
0
server
sffe
etag
"0f6d4c09f936ce65"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Jul 2023 04:46:25 GMT
amp-mustache-0.2.js
cdn.ampproject.org/v0/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-mustache-0.2.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
9813ff99d9d31d6f8dc1a2be5e312ccf93fd7cde12bd8af56f63d3768352230e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 16 Jul 2023 04:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15399
x-xss-protection
0
server
sffe
etag
"5b4398408e938665"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Jul 2023 04:46:25 GMT
amp-social-share-0.1.js
cdn.ampproject.org/v0/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
32aa17647e6000f577562a5eda1c5537a846584a605eacd1e82653742067fa73
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 16 Jul 2023 04:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4768
x-xss-protection
0
server
sffe
etag
"4a411f8f15b0c3a1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Jul 2023 04:46:25 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
0e6b5bbca42157b97d47e0c70980d08d309762466caf6a0dcb8822a60580ca2a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 16 Jul 2023 04:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10342
x-xss-protection
0
server
sffe
etag
"1541930e4a2c142a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Jul 2023 04:46:25 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		110 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
90749ff55eef5ddcfb2a33f1844851df55d8dd94e11459574592b980378c1ff8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 16 Jul 2023 04:46:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32124
x-xss-protection
0
server
sffe
etag
"decfd95af2b74263"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 16 Jul 2023 04:46:25 GMT
logo.png
www.xgcartoon.com/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/logo.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:25 GMT
last-modified
Sun, 28 Aug 2022 14:10:33 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"3473-182e4ca3706"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
13427
expires
Sun, 16 Jul 2023 04:49:25 GMT
zhendaogeguoyu-xuejinsheng.jpg
static-a.xgcartoon.com/cover/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/zhendaogeguoyu-xuejinsheng.jpg?w=230&h=280&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce7dfead4869037f081d2bf5f3ce1aff3ca74d8e791d0f16047653409c2601cf

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:26 GMT
cf-cache-status
HIT
last-modified
Wed, 23 Nov 2022 04:13:00 GMT
server
cloudflare
etag
"EE3A6B4D8826015FBF08778881096EFC"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7e7799f1b9024894-LIS
content-length
126926
expires
Tue, 18 Jul 2023 12:23:06 GMT
play.png
www.xgcartoon.com/img/ 		470 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/play.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:25 GMT
last-modified
Wed, 17 Aug 2022 11:09:20 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"1d6-182ab7e5700"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
470
expires
Sun, 16 Jul 2023 04:49:25 GMT
star.png
www.xgcartoon.com/img/ 		424 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/star.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:25 GMT
last-modified
Wed, 17 Aug 2022 11:09:12 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"1a8-182ab7e37c0"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
424
expires
Sun, 16 Jul 2023 04:49:25 GMT
yaoshenjiguoyu-fabiaodewoniu.jpg
static-a.xgcartoon.com/cover/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/yaoshenjiguoyu-fabiaodewoniu.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
485be496b6aa2efdab4ee11dc23d7058a67b1aa4838060768c180bba325110b7

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:26 GMT
cf-cache-status
HIT
last-modified
Tue, 15 Nov 2022 03:10:18 GMT
server
cloudflare
etag
"F7F2F4D3C44D9D0D665E0F2B476D3FDD"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7e7799f1b9034894-LIS
content-length
58137
expires
Mon, 17 Jul 2023 06:57:57 GMT
douluodaluguoyu-tangjiasanshao.jpg
static-a.xgcartoon.com/cover/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/douluodaluguoyu-tangjiasanshao.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31501eb658d9ad7b1f7ab3beb76ac12347a7e754a054369de1ce77240b1c2b39

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:26 GMT
cf-cache-status
HIT
last-modified
Tue, 15 Nov 2022 09:54:58 GMT
server
cloudflare
etag
"9FA20DF464396AA98B797D1945FAFA34"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7e7799f1b9044894-LIS
content-length
49680
expires
Sun, 16 Jul 2023 10:21:28 GMT
shanhejianxinguoyu-huangjian.jpg
static-a.xgcartoon.com/cover/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/shanhejianxinguoyu-huangjian.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ab892ee33bb78a2d95e788ec00e2d7ad19a785d020d5cd7c5cb563526daa16e

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:26 GMT
cf-cache-status
HIT
last-modified
Wed, 16 Nov 2022 06:41:00 GMT
server
cloudflare
etag
"A44F05176B7A4AC0898C9ACCD49051C2"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7e7799f1b9054894-LIS
content-length
93736
expires
Mon, 17 Jul 2023 17:31:42 GMT
taiyixianmolu_lingfeiji_di4jiguoyu-yinyuqi.jpg
static-a.xgcartoon.com/cover/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/taiyixianmolu_lingfeiji_di4jiguoyu-yinyuqi.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abdfd0e2561a3fc35873309f1fc4bcc2229760337d3167ac9d24ac2dd74e14c0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:26 GMT
cf-cache-status
HIT
last-modified
Tue, 15 Nov 2022 01:57:18 GMT
server
cloudflare
etag
"D7A62F09593826EEC173A6F858CEA5E2"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
7e7799f1b9064894-LIS
content-length
83412
expires
Mon, 17 Jul 2023 15:15:17 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012306301917000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306301917000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
690964dc7677739af15182f897b06197652f5c4a99510925314f7ec1e7886f5a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jul 2023 15:33:22 GMT
age
306783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2967
x-xss-protection
0
server
sffe
etag
"2eebb9df52d58e90"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 Jul 2024 15:33:22 GMT
truncated
/ 		595 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34bb1c7ca084facdfd4822c3dd2d0f3f483ad2d071c52d30e54af52ae62deb02

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		953 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		792 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		440 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		394 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		308 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		227 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		154 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
amp-ad-network-doubleclick-impl-0.1.js
cdn.ampproject.org/rtv/012306301917000/v0/ 		239 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306301917000/v0/amp-ad-network-doubleclick-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
971040b3fe8992d6f24057eb6b90a08169dd2ddba2f91d2e8377926922b9c22e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jul 2023 15:33:41 GMT
age
306764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64620
x-xss-protection
0
server
sffe
etag
"1658e41bb1addecc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 Jul 2024 15:33:41 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012306301917000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306301917000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
10183d5a68f7bc154fc847bf06ffa7eab682922e435794c3581717d749242113
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jul 2023 15:33:34 GMT
age
306771
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3938
x-xss-protection
0
server
sffe
etag
"a2a3ce515b89db02"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 Jul 2024 15:33:34 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
485 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2306301917000&d_imp=1&c=86006885&ga_cid=amp-RfCmIYJlcLctD8EXnz6IOw&ga_hid=6885&dt=1689482785823&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fzhendaogeguoyu-xuejinsheng&bdt=983&dtd=290&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
2498cc8fe74606f4d5448e7e51ca646b98818f2c97bb0c0495bfe69e85ea371f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:26 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12886
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CMD_1-q1koADFReP_QcdqX0ELQ
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138324663415
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 16 Jul 2023 04:46:26 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=801&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2306301917000&d_imp=1&c=86006885&ga_cid=amp-RfCmIYJlcLctD8EXnz6IOw&ga_hid=6885&dt=1689482785823&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fzhendaogeguoyu-xuejinsheng&bdt=983&dtd=293&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e69a70f6e72fabdc4096eddbdca1a2f642307a5f6b5bc62ff83d064fa5810b0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:26 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
google-mediationgroup-id
-2
x-creativesize
160x600
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12875
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CI2b2Oq1koADFYqe_QcdzKYEow
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138324663388
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 16 Jul 2023 04:46:26 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2306301917000&d_imp=1&c=86006885&ga_cid=amp-RfCmIYJlcLctD8EXnz6IOw&ga_hid=6885&dt=1689482785823&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fzhendaogeguoyu-xuejinsheng&bdt=983&dtd=296&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
648e192ca19cec5eebda09309f74851740b4159749baa29c36f5eb8a64f7c18a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:26 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
320x100
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12867
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CMyY2Oq1koADFTui_QcdKtoNsg
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
107027453793
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 16 Jul 2023 04:46:26 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2306301917000&d_imp=1&c=86006885&ga_cid=amp-RfCmIYJlcLctD8EXnz6IOw&ga_hid=6885&dt=1689482785823&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fzhendaogeguoyu-xuejinsheng&bdt=983&dtd=298&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
62c8e162f03f6fd4bfc59ab2fbf4ccb1d651c7c99a0c78160238a766a0a7d309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
320x50
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12864
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CNq82Oq1koADFVmL_Qcd6v4A1g
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
107027455953
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 16 Jul 2023 04:46:27 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=988&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2306301917000&d_imp=1&c=86006885&ga_cid=amp-RfCmIYJlcLctD8EXnz6IOw&ga_hid=6885&dt=1689482785823&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fzhendaogeguoyu-xuejinsheng&bdt=983&dtd=300&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
f30a102d702152a9b8ba4a1f707da2c6118c48d2f3ae66bd293b2b9da749b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:26 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
468x60
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12876
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CJ2X2Oq1koADFZiZ_QcdAKkKXg
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138353942298
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Sun, 16 Jul 2023 04:46:26 GMT
googleanalytics.json
cdn.ampproject.org/rtv/012306301917000/v0/analytics-vendors/ 		2 KB
812 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306301917000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jul 2023 15:33:21 GMT
age
306785
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
782
x-xss-protection
0
server
sffe
etag
"707e438c9747f86f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 Jul 2024 15:33:21 GMT
ga4.json
amp.analytics-debugger.com/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.160.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
997
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 16 Jul 2023 04:29:49 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJSZ4QyFl75yleUIhhk%2BBc0eRJexlTNDSS3%2BeqU30SmqFTDXJvRodtsW7mPGhhNPbQMe%2BfvYmdtkFc5dJ4mftSuM6ReUJJ7hdnBCHjvprY%2Fx%2FPcBSf8rHjCNkdjGhA1fK9WVP4W0hHOyy9QDiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.xgcartoon.com
cache-control
max-age=86400
access-control-allow-credentials
true
x-debug-em-all-ga4amp-version
20230607
cf-ray
7e7799f7ffd6ff0c-MAD
container.html
97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
collect
www.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=6885&cid=amp-RfCmIYJlcLctD8EXnz6IOw&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fzhendaogeguoyu-xuejinsheng&dr=&dt=%F0%9F%8D%B2%E6%9E%95%E5%88%80%E6%AD%8C%E3%80%90%E5%9C%8B%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1689482787&sct=1&seg=1&_et=1000&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xgcartoon.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xgcartoon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 037E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 04:46:26 GMT
expires
Mon, 15 Jul 2024 04:46:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CB92 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 04:46:26 GMT
expires
Mon, 15 Jul 2024 04:46:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AC30 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 04:46:26 GMT
expires
Mon, 15 Jul 2024 04:46:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5D05 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 04:46:26 GMT
expires
Mon, 15 Jul 2024 04:46:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 037E 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 19:05:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
34858
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 14 Jul 2024 19:05:29 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 037E 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
df1a1475077ea8da4e4e4138344feda397439d99503debfa8b6a7e033e4351da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32785
x-xss-protection
0
server
cafe
etag
11805356915612901821
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 04:46:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 037E 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jul 2023 04:46:27 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CB92 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 19:05:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
34858
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 14 Jul 2024 19:05:29 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame CB92 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
24cda10e52d33d7e00711cd701a9e32ba1456af76f7111401520048e42e8f559
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32783
x-xss-protection
0
server
cafe
etag
5834995231527893670
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 04:46:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB92 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jul 2023 04:46:27 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AC30 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 19:05:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
34858
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 14 Jul 2024 19:05:29 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame AC30 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
536e6ddf6ff69e4b9899cc9acf8e9b1fc794defa01eb78d3dd3db0b90e64e8aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32777
x-xss-protection
0
server
cafe
etag
7567043015668488416
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 04:46:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AC30 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jul 2023 04:46:27 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5D05 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 19:05:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
34858
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 14 Jul 2024 19:05:29 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 5D05 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
350bf05188f8fa9e2bb64dd40a24ba70742d1bb24536eee85d84cd4a12ff96d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32785
x-xss-protection
0
server
cafe
etag
10570360480127693548
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 04:46:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5D05 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jul 2023 04:46:27 GMT
container.html
97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9D31 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 04:46:26 GMT
expires
Mon, 15 Jul 2024 04:46:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9D31 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 19:05:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
34858
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 14 Jul 2024 19:05:29 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 9D31 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
6222be31bff9d5b42d7e040b9a29cd3b274cd8e9a6cfcd0b1825ac9faabcdb0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32777
x-xss-protection
0
server
cafe
etag
8639997333470909047
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 04:46:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9D31 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jul 2023 04:46:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 037E 		0
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4uuJWfmVfV5O4uBN4yZNEMgdxLPdRkjvNcKaKvUPKamz_0ovc1twpL7IhLyGRayevuSHkTXLaRuk5hbGQctZqEAVOJuDNRJUouUUClTjfDxgIN5LiR77TzogtajP_ATCMLPbLQrMIHNISaPHxQl7YKGk83_ev5tu6_cfzkTuCfolIrM2ZLkoInfvC9jkqiOY1xoT3d6-Keux0lADcOSNKo4vYfYdZPiW0pOsdz2J02Mh2syQF5EY2ErlANEr_ngvaKIPsBsv0Ne4zUASdWbulhRUGEP677dJDD_yMjuufSq4wSoMwvD27nrscGRovLm6NHWTYqSMDSv55S8f_pAwIYEQ8Gsbfjy7GctUG9A&sai=AMfl-YSieQ_hsaJ6cOVMiP90H_IUl-wywnRc5Iazq14pEnInILYdWnd31l7ohSrfgm4Ti10bk2wSJoLZ1iWF0ZY&sig=Cg0ArKJSzLG7x2BEjlUjEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 16 Jul 2023 04:46:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AC30 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzAyrrTce4Gdk3CjOaxglu1GIyq4U3BIcx4F-peysTzYqvSXrFsZbghx3asaHHIoLYpk7C4_vjANOOr-jlu6re6FuaF1IXJFBIiiwEFSQwgdY8Cd7MqcpCuamk3-P-2sleJGxEDmLutLKQj5gVjDQjdvl9oZHKZC1FfOvLw8m3SUlmHwKQyWSeZXbmOjmyNMCjP1BgqIkCXpRiWAzwjwHKKWLRo0b_cE09_BP5IBBlDb7HdqLbHGlFgAMlc81K1TzxokUpwYYyc0IT9ixsWVdzicI0b9Fpf-FmXLJ6Fay7kBAVUCQLWJooeGwfAgykD9H0-rg6DihTh5LStjlA7tSxD5pLf-P8p7HSbrzMEw&sai=AMfl-YQ8nRjNDWSH67LokS8GNHhmcpxaORHDt4rVcQVyNS1Y45P-5kI3IHAqizeaebwoIr_G5JI30MDL4fBM8y0&sig=Cg0ArKJSzFE22TVqFzD6EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 16 Jul 2023 04:46:27 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/ Frame 037E 		356 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3d5fc084d4a5beed4cfc94cbc2f54e9823311d651a10da808da76902c5b6ecb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125318
x-xss-protection
0
server
cafe
etag
10028980510606249942
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 04:46:27 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/ Frame AC30 		356 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f0aa4208422c8f79336d46032489c486e538074ba6eb974aa8e594c06bf5d03d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125319
x-xss-protection
0
server
cafe
etag
16280441035822481205
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 04:46:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CB92 		0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQaMGeCNjynyWvekyVdf1mx5_4Vhal3b3Y4QfAr8pF5LIJv0_cOakNKLhSiNM-xQgiebYWmWiaoKF4nUViFaN50OGyg3FiUGwq2HrqwEbCFg3JAIYTduS4qW0KubW0kaM5B3k1p4uC9oVABI12peAOaR_SbW_V03wZrpIzPgJfr1Z_s0NmuFQ7duvTgmE4W0lOaZWQYxwXWdlSidbCu0308rFKpXqwcAMJR6wJAMrEtHf_vqkzDQ09ztNpHkyxU8SKU3cOXggkw3rAhCohoYbgBSf7zByzkBzZfb3sUAfXRtN-6SaPlBOJzj_wpRCioyWhTz2t6E2kKV9YvMHASs91AB76yMAMa76SvdcdFQ&sai=AMfl-YS3C7fWINmeEkIKCGsfoDDoO1DyJBz2a9LmFNpIPmlpV0tKEDulmpKHULHK92_DF944SAZpGTN-JeWrrlI&sig=Cg0ArKJSzNT11PBt-XMFEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/ Frame CB92 		356 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
9c15d4aace1ef35e6cba80a50a81d4906a7f1b92490a5234b963a61fb6c6a0f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125329
x-xss-protection
0
server
cafe
etag
10913481911446470588
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 04:46:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5D05 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstE5gmiu7mhZyGnTqKNLYxyPIF3U0nbHriu89m4bAotwMEcqSXb99kyQeTaJ8O91XuAbgKkN-Of1752kbZHVWgAQwRYN5i-1Sqm3W0zkBQUp4Hpu-WV-Wj98gTfSuhx3vVbOQxo8j0HwRggXmlqY-dYBAFgLOz4b3mAd3E1qo3fQDOZFJ2Ud2gr6KQLVYiupUXbg8EpEBdrh6uI0ZxkG4Vt_dw0FBbve2ZdY1WqhS-GNhvmddsmIe2PsC9NQ0qyzo-Pclvv61jbZ1oXdXWY7lUmFigUb8UmSvFvM9ef2kH_hnbLW9qFiaCbvlD_8SoheAH3YaEW8h9DB_D9moScHQfSJisJgBsH9qRgLxyV&sai=AMfl-YTyxq_MkxVLKyIdMX0iKSX9OiIs3P9oIu-OfmbuK6wMFrzQRE0zvh3Lc2NHYOwfuHrkBCl3qi2mksfY2P0&sig=Cg0ArKJSzNpsA6SIm4SDEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9D31 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_fetmSS2Fe-o6-12OW0XxOLYChl86njnEvZVzItCkA_1eebKaBzOoF89dK8hoTtiYk5a81YkhTWq9kEsa5fSB0vMiKGEuELPaHZ6ZU5cnUI-1xSRJqn8UXdarRvo5M0Fpoy0E1U4WiBTOxslP9J7zwD2XXgWW7-CzKUM1EBK32-LHDHzFBNYl-1iBvwta9iUMSZpddY-bGKT8jGI9I9edzY9BRtkAX-TSGrvLuoi2J2PcpRq2mLlP6PKDfZPkuxKgRz_xJlQy_cJ_wfuyOn0xBAN4prG6AOzk5PzZQaHqZnlCVNYgSqptWNFDaITU9Fjmwqp3zUiwKWu-Zs-mABsJogzThufLCj1U1ct-&sai=AMfl-YQNfB6iY057ECDAwrq0AZNd9ce0W0wzThiKg7E7M5w3Itsltw5s_TpKoSP45IBDHB4rreXcTkK-tjBoPZI&sig=Cg0ArKJSzMBcQeLb7OcwEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
URL: https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/ Frame 9D31 		356 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3268e34df3b711fbb7ffc1c956e4bdd164f54cc9d00e5a190f2d9edc29075c9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125318
x-xss-protection
0
server
cafe
etag
9263769906153248975
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 04:46:27 GMT
truncated
/ Frame 037E 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25f04e530b31f2b27e7572455a26396490b0f4036f709e4b18a35080d7063653

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/ Frame 5D05 		356 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
5dfc20d516d16a783226bd5771289722bb42ac16b39ef78278ab3eff88147064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125318
x-xss-protection
0
server
cafe
etag
5840098520154634521
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 04:46:28 GMT
truncated
/ Frame AC30 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
415e5fb93cd6089b058918a85bb90c5336656fb5f7d1e1aee9257021c45cad3c

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame CB92 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbff80451756e63a92ef80a9e49c5b4938dcb5e7cf01a3379a4599b0db9c8b54

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.com/adsid/ Frame 037E 		107 B
197 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 41D4 		603 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=3304701936&adf=816031637&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787556&bpp=29&bdt=502&idt=769&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2894059661&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42532278%2C42532280%2C31075849%2C31075879%2C31076089%2C44788441&oid=2&pvsid=641319743568916&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.wnfp0m35nhvn&fsb=1&dtd=837
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 04:46:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame AC30 		107 B
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 565F 		26 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c7ae688d9c1df811262f976278e2219f9e42ed14a084f12ccd3e22a8938fb0b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
11050
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 04:46:28 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame CB92 		107 B
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0294 		603 B
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2859409421&adf=816031638&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787724&bpp=21&bdt=660&idt=715&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=2597708548&scr_x=-12245933&scr_y=-12245933&eid=42532279%2C44759927%2C44759876%2C44759837%2C42532277%2C31075849%2C31075879%2C31075882%2C44788442%2C44796476%2C21065724&oid=2&pvsid=2047191178837252&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rgb982m3s8hh&fsb=1&dtd=732
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 04:46:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9D31 		107 B
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5BFD 		603 B
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=2480770705&adf=816031633&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787807&bpp=17&bdt=481&idt=656&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=626553879&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31075879%2C44788442%2C44796476%2C21065724&oid=2&pvsid=3252126994577579&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5fzh5q5sz5as&fsb=1&dtd=672
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 04:46:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5D05 		107 B
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 00B2 		603 B
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=1378402740&adf=816031632&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787898&bpp=35&bdt=724&idt=590&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=626553879&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759876%2C44759927%2C42532278%2C42532280%2C44788442&oid=2&pvsid=2486682076711114&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7C%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.oglvy6ehdndp&fsb=1&dtd=619
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 04:46:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 037E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6k7eGvIp7WYHQ48bUfTMKrtUgvA43ICSt-ptMiP2Wjhypj1XSOXASw2Ge0zp1T3D6d__oIynt70ft3PVkRPI2lLOyG7GpKO16Zl8us-Sxe8pVtkLP9ujwtZiSf987TfK5DWV20Lqog4CDmhXexEsFmjr3c6Da8aSA4ONmWhsWbB5JrpYIufFmNU7wIqV_HLg7X2PRUT01QeB0GoP4HcP6oSPD6suHHDtGUyCL7t-1TACcL2D8xX7PZn4LYr6BxATpf-D1VwW4TzpLTFeCrhIx4deDEQBS1hRk9FKMbvEAjk8kZmjEfOaHomfoE9NrGv1FAZHx9SOSyByar8J56irGuXob0BN6GY-K8CcavFaH&sai=AMfl-YRbl-ODkE_SxgQkIuvIiMw0Vmw_DrskZ48sh06URQWborJGHsOPhugTKB7Pcl7F783cY4Lhuzf_3AwLMUA&sig=Cg0ArKJSzKSLucAWxLDlEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 16 Jul 2023 04:46:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 037E 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230711&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
2408d28ddcdb69b383ad4735ac53e489bb8e977dc1df3286e1026a960af2ffcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11937
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4EAB 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDiLxCBwf-HAhiM-crwATAB&v=APEucNXPd55OL8ZhgowcVT_z-C6eTA0CRB7PbPVwdoPoEs2OIhje4gqX2kS_doeQIqgNL-3qqI4o53CQ_MPaf3tRbEdy7Xzjug
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 04:46:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 674D 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 04:46:28 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 674D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 16:00:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
45933
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 16:00:55 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 674D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:34:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
36711
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 18:34:37 GMT
l
www.google.com/ads/measurement/ Frame 674D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTUheHyt40EGA1YCCkkYRSAr-_cGbqjD0_5bw1YpfEcu0AVEmVtZq8BGr7SOPVvNBCNseC_CdUpK2KB-G2XTjdVPJuVg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 674D 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jul 2023 04:46:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 674D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ab3b_YAtm1oq6-0Nkfl5P_YIjldZyN5QVgXeK0u6I7sGwsDxOmMuTO6Qe1kC_gBAfNBuqiBABgS9plc_psQMQscUraoPN4q0KMtlbY4SPOAe1SzAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 674D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12684917739197472437&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CB92 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLaQ-JFGP5Niyz_oeTzk1ziPd8NFNzA5E8Sv2gDYNpJoKozfmzulrRfBp0UnF290rNaPaGBjrSiePSRY75scqr4HwlErsjYhscTkxC_7xnNpyE5SfJk_4AxupidgBywwHsFZmO0wjKyFV2siAVWHMHkVyzUFETPZGB8EhOV-LtJWgm-cWvsg-kQVYq1h5FMFals9z1HFnaj8OcsHgkaeZxmSVTQOgXDSxLmSLqX2NbjKqVUYXNPHQ1a6SBiRA-bAyHF6RRVENyJ5O74Khl4aZCIu1Cs586ikAQuOkJAQ1Y1QST0p678BjiNNM6-N9VGeC9t9u5K8sIM6JXC5i5yamVSCUtJUxVoAkc7Tq4IGYn&sai=AMfl-YRfD_G3zOjN5LYSQldj1R8QbYpUrpeYQpn5zuXxj12NMprj0N_xUUr8jk42mS241-AHuSYXoGksISfit38&sig=Cg0ArKJSzK34tbEjpTdPEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 16 Jul 2023 04:46:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CB92 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230711&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
fd42275e976667113eb3812bcb726e6b91b14864a91c8395fafcb2af284eab84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11705
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9D31 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSWM3-aUB9l-VKx3-t4chzXKmSaKRaQspCIKVTmZOx_QZz4An7cVhMH_EF58305MMWB0_qYFz3aVtbObFyWpWyDjcwFn-lLd1OWFxe_a3kMEdie_FoBrxWnt1GLcRRTbTEkyhM7OtdWa4cm9dAaV_bWVXfTIP4dk_wnyCux5Q21ck9hHq3IPK5nrPMu8mhb-wyEvpq13givCe-SU5inUxiA0a65uPjWZurD8flgdlTEojwgI2pS05uLVbMFziU_L9d4twoPUIHd56oBS_NqOMq_CrZ-rG08Ucj6_CLANFSRnSfvbanKKjABymmPOTLKqdtJinh3eiuCYxgY2A0IcTZta3TFc_Wu53UAaqUYhs&sai=AMfl-YQMqDb4JGKN6wgmCYWCgdtFEbu5_sQBNFK8yYkN7OfOLveJqOixOTzQUKc-6LXmFGgMjttU3OrFpMay-Z8&sig=Cg0ArKJSzJmxrp2K-QUVEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 16 Jul 2023 04:46:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9D31 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230711&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ee58269c8fcebdbef7b89a55425d77d3f8c25a688a65f34ae1da5faf7e35dfe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11970
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 5D05 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujqzEJ4AvlVKxS_bp-CaonkBZGR9ombf3JlsNXRmptKe0Gm3vOyIEwlB9eqq-q1HLdISoxn4Rm-ykldkKItNysy9cD3W-IrkMSC8ijtPer8d5QJuMBhAN5PucLlmKyPNytDAkHZhiSi5RMggFGjuOvjMJy7KtQbQw77-pKIJ5O3MmmdDsU7O7cBKX_MzZBYBZmzlXtdnxvI1kzE_ZG85izTUkDfT84Hwe8ZhPt2GPrCvTbGkXGx2oiJWpUZd0zomaAUCqbZ4XZfAJncFfkKeqrozhVxNhazihyFGvOemiry5oja7XwqjSimT0VhsNRMgUrdKS_29I3dt02-eIE_49QWoRpSDbUm2ilMXRqJmo&sai=AMfl-YSaZ9-WKvrxST6-U98lZl7pibQzxX2RBbcbn9IAcZjLo7-SKiOPpRnRmg9AgMl9hpMxAJJ6qfV55OjnOaQ&sig=Cg0ArKJSzASJxC6FHobIEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 16 Jul 2023 04:46:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5D05 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230711&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
88ef576889214068009fde6fd65f1260e3bc2f5017b6b8d63dae5937cde56a0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11871
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 4EAB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlV08sSXsSIHoepGTRUGaw&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlV08sSXsSIHoepGTRUGaw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDiLxCBwf-HAhiM-crwATAB&v=APEucNXPd55OL8ZhgowcVT_z-C6eTA0CRB7PbPVwdoPoEs2OIhje4gqX2kS_doeQIqgNL-3qqI4o53CQ_MPaf3tRbEdy7Xzjug
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 04:46:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlV08sSXsSIHoepGTRUGaw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4EAB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLN2JZ70ivfjn18csMtl8gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlV08sSXsSIHoepGTRUGaw&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlV08sSXsSIHoepGTRUGaw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDiLxCBwf-HAhiM-crwATAB&v=APEucNXPd55OL8ZhgowcVT_z-C6eTA0CRB7PbPVwdoPoEs2OIhje4gqX2kS_doeQIqgNL-3qqI4o53CQ_MPaf3tRbEdy7Xzjug
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 04:46:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlV08sSXsSIHoepGTRUGaw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4EAB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFJuFi6c4CkaZLrP9CgeA4M&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFJuFi6c4CkaZLrP9CgeA4M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDiLxCBwf-HAhiM-crwATAB&v=APEucNXPd55OL8ZhgowcVT_z-C6eTA0CRB7PbPVwdoPoEs2OIhje4gqX2kS_doeQIqgNL-3qqI4o53CQ_MPaf3tRbEdy7Xzjug
Protocol
H2
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:29 GMT
an-x-request-uuid
91fafe8f-7e24-4fa8-b566-6992d1248506
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
195.158.248.214; 195.158.248.214; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFJuFi6c4CkaZLrP9CgeA4M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4EAB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAzNDYwNzAxNTczMTc5MjM2Nw%3D%3D
170 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAzNDYwNzAxNTczMTc5MjM2Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMDiLxCBwf-HAhiM-crwATAB&v=APEucNXPd55OL8ZhgowcVT_z-C6eTA0CRB7PbPVwdoPoEs2OIhje4gqX2kS_doeQIqgNL-3qqI4o53CQ_MPaf3tRbEdy7Xzjug
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:29 GMT
an-x-request-uuid
3c922366-a786-428d-8087-07aa67eca71d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAzNDYwNzAxNTczMTc5MjM2Nw%3D%3D
x-proxy-origin
195.158.248.214; 195.158.248.214; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 674D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1380702365805&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 674D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1380702365805&version=m202306200101&ct=76&x=1&cor=12684917739197473000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 674D 		87 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKIIKmledfFNy79JvrSki_IBdPYEvDft4gchiAOr7hpQ8_KxRTSmOBHFL4fSGEPOTczpNEozJt3IxeRzeUoAMG9rzp5g&cry=1&dbm_d=AKAmf-BKBGmenoq74O6Nu41pKCeVSPwEBzP9pxbA5ojQ0QR3S_CQ4k7_3Lz-9cXSG1xVv7maxU-Z3sL6hXoEgMO_le9FiNCetBmGHUmH2SRiMMf5wG1Em3GEU1jDS_OJzQtLRofezltXVnmkKSTt3KGRvqv2tCeABgHYaonyFBDlHTtQJWpcDFzXqJpIk8x1RS3Wxof79gn2nyXb-gB86Dh_PLTyyNqBeLNNs_nDUdYtDKvu6-RIibo_Eh9OSx42yUtUWqECJTEwReOLGGkfo4lgwAjv4fODn4FyISpb7DBg_SvpXoZRin-QNukGsW-mjkwODvQYv8tbn7v5nI1d6QmdI5POcsuPwdekE3YMWbOEzsiN25ADyhWRjA2wAKicbxlEyzmK42MmaWIwXE_PBv3IAVd53abK7o8voMEX0lwL8pozkqzLvmHm8knGdm2-1Q7bqnx8jtU4wgJBY4v_eBS8023gniAe7SbJrO9daR3xSELvsn7OgwkMBick0rFEHHBEXrTMimI3M15zJtWsOrOueW1x8QHXvpei0vCisGdVfn4R0XMJ_zBsSsZn3v2xb_0KzZwzPG9z7GMwRVuFlx0uzdag7OBhEk9wwL5tMeafem0xdGHNmB4vR2LO4DEGANhdnLc7vc12VUwFobvnG1lgSVcF_FGq5XA9Q36qRDimL3YMEQ_EKQ0O3DeJHhUJPMdph87RuMwMRBUzlQZsiO_DWHf-Fg4Ujk-e7WBCLb_p7GdZHjUYQV4QCDE3H1pnjhovEoJoNfpDt963WcZmXF99BSzMiBba2OHDCtyTTzx1UMUSYgLwAhGq62RW_yzlJZD6M_WFmLlYtM72VaZWvcMcVPYa3wxu9ReGW5frJ77sIzk-HYVG7B3cmKcEDZbzVfoFu0amncTQnYkplyKcpo2xGS4CcDZxAUtXBTPdihIFr1NBv_p6fGMB_gNmmj1DXUVX8FTuSJvAq_g-3XrYQjDHFi7hd-urS3CZX7le_CIz_e3cDDyN0mfPrs1Z7OtD9jGxP7cX0FJMy067pYBcRfA-9mqxLH2_GccjHwjbV-cZYIdsdzT0waU_dPg51Fc2nqKU5VFWuH2NK5DM1QcBvnyTFMcVYD_U_No7aWzx5LdqwLwynQNC-pTxwVBe6Ld8zcYMEaygnJXJ8FbXD-6etR_TB3IHQTFzCbOWgi3RNUYbW1lNULq6yQGLiRqbBHs0JOAoNm-JTfJqQLSEJedOaSdw4VQiRecaAA8XkBOWSWrtYPgQMmWRmr8A9_il1K9H_b6v0HL5u4dicV3uRek94H2wt8xL8HxOD5kLDVZ8pV_T_-jLZv0COocYTYRP0SPgzI2TYv8fJTslYjKrFJuXmTmPg4YWs6AInrNdV1Z2HjbWf6Psh4oFgMLCVwvN-iupgT7NiIOAoN0hf4TIhXCL9OyK-EGxoERVniZDn_PwvRpf5QjkQSCxs1VxoqJrwwsvBtkgDJaY_QbMAxxmFg1uwRUvGlTS-TXcvpRZMF3mwhirSMT6LFQJ2XodP9LMw6XSjGpGLUfgwfzOnJSa4OSX-IOTcYXXbGz5lFWyCxwpDYiqCgZVJkDOewqONKepA3UCOzFPIUgXmdiAKimrTDjPTa3NSk7dSQM1be3WrPYn5GvHYk4elp0a-S9A0oeBIF7Mtt8S5bLIsVSvH_TEZwhyXRFKQIo2l0_JpL_bO2Ctml9rCM3JgPLCcIJiyrpSIfKErfcxbFwzTbnNuZ0Vr0Tkf7xp50RMVuUSPfQutZ1icG614b4Bk8pX60GYYgeALfM32ggd0LWgWWKKlqCnvFV6lhkwiEMlu1j6bK85bBMH9a9megy-QA7ISu5g3v7u-PTZg8R2K855JQzKlWczz5z6ylfgHHCyCp1JgMzQUHI_OvppKUSKuHE1kPPutrYrSNzFl3m3G7OW3EoMEGgKzG1P8nrwVtqpdtrhYs2XLHoXQ29vmJABhYZF7w2_-fJipjPSBpZpdDdwlVaPxrVSS38zSZDplWSKQ95lt2N50gAAIoz-02g3iELj2VbPt8j_Xfwa1W5lIWS3rDMvVk4rgutuPIB2vKPv3E3z8tLn_gXmWprLb3IEYWK6kXsT3U_7ZZ5Rx0O1FGe7cVK4bUMCqv6ZQBQApOG213AHlvcYk8jDrKisIfbEdX3vsTsNebKvfPNZR2K72iUw6ShzQ9NRb37cBKf2A3LF-dheg69QivKXbOm6Zb-HPV12_OJYmP7zjTofaVkeeq4CCid26JZPBCTspG7YcrZWo576AgvSGqruH1jpFA9lg52US6lnfjub2Pmfl75VD1wTODMHFVLZPttca_AtR6_KiLAf2oR_FSbvKyGVL_YBylRsRPMI021VZkWd-ZKL0C471SphZwIDg8d0RLrlk7OMSKHJWaohD9_gw3BNnQhDUTIYtznNEzovNRwm8DqY0cMpUJ8TtVRGOeETucKWw0y_L_VjebZvTWavq4_nSYwf5f5xja3h99Hls4fo2FtcDgMwbuGpd42YY1RnXdXOaxhc9iSo_86NQOv_9lmn8RmG8CGyuAFPxL0IPT5GyRfsytFTZOCntrtR1uUSIkP0BsVyyMT2zny5_daLOk2niJSbM8P5Ak5Lx1zEyOzbNiCdQXrppVZNN_nnhEC1rboshmgCqFJqwoVW4DT-zbRT-YJ6UpHuiLXIkA_SyLvotnkbphdJShkIItZY8XKr67FynznIlWkzOvY4pq0MaSJ91aIkBpbYSwdwIlKnW2xkJjf2iA0qQtkc_T_cDq9QrirO1-3fb5YDVG4Bw93fo2onqI7XbzvH3DQ31jWlXh_-MubeuraH6TEs7GFsdMpMHeMDtXRoyI8Hl_M4czgpAbr6St46vl9wGygyJ3cKzKfpQdUnMp88zFcrjSvZX2Ru3_tv7BQ-tEMOmdp2AUrWniLSfcDAba0s0nuvXyFZzWpgTc4l0ukuGF5CqTdQrFDHTlp4PDWyva7GC8ZMDdgIrHu83ZCo5K5Mezzo9NjSGBFE_nPjd6NHZ18eTDp032FS5yQAeySwY8ZpEMqsTGDieXx_DalpQlXtQM3oEGUZ_3y6rKNDOSKt67YjdaXW8I9CS_nyAhnFuXPvguVM9A2t1E47Ups7mB-xYT8xRqe47Pye7Ub1EwtDnQdJI48LePtLnKmTTklkIWeNgtZh1VCzOZL8hZGxtMlH7AAsZQvdhFo1XjUN28m4dHpL&cid=CAQSKQBpAlJWWElIskuV25jBUEzRJc0gQpKny2rCQ4UxNL7z5hg2aahxp_D2GAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=12684917739197473000&adk=1626895633&idt=206&cac=0&dtd=33
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
d3faf68dc0a10640c4a22a2523e88179dd73ae3ecd6c4025e8f4afa31be33d34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37180
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CB92 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Jul 2023 04:46:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9D31 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Jul 2023 04:46:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 037E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Jul 2023 04:46:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5D05 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Jul 2023 04:46:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 252E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
45934
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 16:00:55 GMT
expires
Sun, 14 Jul 2024 16:00:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 72EA 		783 B
1006 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
50c8502c3786a5d3c9b8656f500b399950f70e3ef904a3c2749c8e94df3c7257
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-36vfVHMSXA07wRZRTR5nNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-36vfVHMSXA07wRZRTR5nNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 04:46:29 GMT
expires
Sun, 16 Jul 2023 04:46:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 674D 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 13:52:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53615
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Jul 2023 13:52:54 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/ Frame 674D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKIIKmledfFNy79JvrSki_IBdPYEvDft4gchiAOr7hpQ8_KxRTSmOBHFL4fSGEPOTczpNEozJt3IxeRzeUoAMG9rzp5g&cry=1&dbm_d=AKAmf-BKBGmenoq74O6Nu41pKCeVSPwEBzP9pxbA5ojQ0QR3S_CQ4k7_3Lz-9cXSG1xVv7maxU-Z3sL6hXoEgMO_le9FiNCetBmGHUmH2SRiMMf5wG1Em3GEU1jDS_OJzQtLRofezltXVnmkKSTt3KGRvqv2tCeABgHYaonyFBDlHTtQJWpcDFzXqJpIk8x1RS3Wxof79gn2nyXb-gB86Dh_PLTyyNqBeLNNs_nDUdYtDKvu6-RIibo_Eh9OSx42yUtUWqECJTEwReOLGGkfo4lgwAjv4fODn4FyISpb7DBg_SvpXoZRin-QNukGsW-mjkwODvQYv8tbn7v5nI1d6QmdI5POcsuPwdekE3YMWbOEzsiN25ADyhWRjA2wAKicbxlEyzmK42MmaWIwXE_PBv3IAVd53abK7o8voMEX0lwL8pozkqzLvmHm8knGdm2-1Q7bqnx8jtU4wgJBY4v_eBS8023gniAe7SbJrO9daR3xSELvsn7OgwkMBick0rFEHHBEXrTMimI3M15zJtWsOrOueW1x8QHXvpei0vCisGdVfn4R0XMJ_zBsSsZn3v2xb_0KzZwzPG9z7GMwRVuFlx0uzdag7OBhEk9wwL5tMeafem0xdGHNmB4vR2LO4DEGANhdnLc7vc12VUwFobvnG1lgSVcF_FGq5XA9Q36qRDimL3YMEQ_EKQ0O3DeJHhUJPMdph87RuMwMRBUzlQZsiO_DWHf-Fg4Ujk-e7WBCLb_p7GdZHjUYQV4QCDE3H1pnjhovEoJoNfpDt963WcZmXF99BSzMiBba2OHDCtyTTzx1UMUSYgLwAhGq62RW_yzlJZD6M_WFmLlYtM72VaZWvcMcVPYa3wxu9ReGW5frJ77sIzk-HYVG7B3cmKcEDZbzVfoFu0amncTQnYkplyKcpo2xGS4CcDZxAUtXBTPdihIFr1NBv_p6fGMB_gNmmj1DXUVX8FTuSJvAq_g-3XrYQjDHFi7hd-urS3CZX7le_CIz_e3cDDyN0mfPrs1Z7OtD9jGxP7cX0FJMy067pYBcRfA-9mqxLH2_GccjHwjbV-cZYIdsdzT0waU_dPg51Fc2nqKU5VFWuH2NK5DM1QcBvnyTFMcVYD_U_No7aWzx5LdqwLwynQNC-pTxwVBe6Ld8zcYMEaygnJXJ8FbXD-6etR_TB3IHQTFzCbOWgi3RNUYbW1lNULq6yQGLiRqbBHs0JOAoNm-JTfJqQLSEJedOaSdw4VQiRecaAA8XkBOWSWrtYPgQMmWRmr8A9_il1K9H_b6v0HL5u4dicV3uRek94H2wt8xL8HxOD5kLDVZ8pV_T_-jLZv0COocYTYRP0SPgzI2TYv8fJTslYjKrFJuXmTmPg4YWs6AInrNdV1Z2HjbWf6Psh4oFgMLCVwvN-iupgT7NiIOAoN0hf4TIhXCL9OyK-EGxoERVniZDn_PwvRpf5QjkQSCxs1VxoqJrwwsvBtkgDJaY_QbMAxxmFg1uwRUvGlTS-TXcvpRZMF3mwhirSMT6LFQJ2XodP9LMw6XSjGpGLUfgwfzOnJSa4OSX-IOTcYXXbGz5lFWyCxwpDYiqCgZVJkDOewqONKepA3UCOzFPIUgXmdiAKimrTDjPTa3NSk7dSQM1be3WrPYn5GvHYk4elp0a-S9A0oeBIF7Mtt8S5bLIsVSvH_TEZwhyXRFKQIo2l0_JpL_bO2Ctml9rCM3JgPLCcIJiyrpSIfKErfcxbFwzTbnNuZ0Vr0Tkf7xp50RMVuUSPfQutZ1icG614b4Bk8pX60GYYgeALfM32ggd0LWgWWKKlqCnvFV6lhkwiEMlu1j6bK85bBMH9a9megy-QA7ISu5g3v7u-PTZg8R2K855JQzKlWczz5z6ylfgHHCyCp1JgMzQUHI_OvppKUSKuHE1kPPutrYrSNzFl3m3G7OW3EoMEGgKzG1P8nrwVtqpdtrhYs2XLHoXQ29vmJABhYZF7w2_-fJipjPSBpZpdDdwlVaPxrVSS38zSZDplWSKQ95lt2N50gAAIoz-02g3iELj2VbPt8j_Xfwa1W5lIWS3rDMvVk4rgutuPIB2vKPv3E3z8tLn_gXmWprLb3IEYWK6kXsT3U_7ZZ5Rx0O1FGe7cVK4bUMCqv6ZQBQApOG213AHlvcYk8jDrKisIfbEdX3vsTsNebKvfPNZR2K72iUw6ShzQ9NRb37cBKf2A3LF-dheg69QivKXbOm6Zb-HPV12_OJYmP7zjTofaVkeeq4CCid26JZPBCTspG7YcrZWo576AgvSGqruH1jpFA9lg52US6lnfjub2Pmfl75VD1wTODMHFVLZPttca_AtR6_KiLAf2oR_FSbvKyGVL_YBylRsRPMI021VZkWd-ZKL0C471SphZwIDg8d0RLrlk7OMSKHJWaohD9_gw3BNnQhDUTIYtznNEzovNRwm8DqY0cMpUJ8TtVRGOeETucKWw0y_L_VjebZvTWavq4_nSYwf5f5xja3h99Hls4fo2FtcDgMwbuGpd42YY1RnXdXOaxhc9iSo_86NQOv_9lmn8RmG8CGyuAFPxL0IPT5GyRfsytFTZOCntrtR1uUSIkP0BsVyyMT2zny5_daLOk2niJSbM8P5Ak5Lx1zEyOzbNiCdQXrppVZNN_nnhEC1rboshmgCqFJqwoVW4DT-zbRT-YJ6UpHuiLXIkA_SyLvotnkbphdJShkIItZY8XKr67FynznIlWkzOvY4pq0MaSJ91aIkBpbYSwdwIlKnW2xkJjf2iA0qQtkc_T_cDq9QrirO1-3fb5YDVG4Bw93fo2onqI7XbzvH3DQ31jWlXh_-MubeuraH6TEs7GFsdMpMHeMDtXRoyI8Hl_M4czgpAbr6St46vl9wGygyJ3cKzKfpQdUnMp88zFcrjSvZX2Ru3_tv7BQ-tEMOmdp2AUrWniLSfcDAba0s0nuvXyFZzWpgTc4l0ukuGF5CqTdQrFDHTlp4PDWyva7GC8ZMDdgIrHu83ZCo5K5Mezzo9NjSGBFE_nPjd6NHZ18eTDp032FS5yQAeySwY8ZpEMqsTGDieXx_DalpQlXtQM3oEGUZ_3y6rKNDOSKt67YjdaXW8I9CS_nyAhnFuXPvguVM9A2t1E47Ups7mB-xYT8xRqe47Pye7Ub1EwtDnQdJI48LePtLnKmTTklkIWeNgtZh1VCzOZL8hZGxtMlH7AAsZQvdhFo1XjUN28m4dHpL&cid=CAQSKQBpAlJWWElIskuV25jBUEzRJc0gQpKny2rCQ4UxNL7z5hg2aahxp_D2GAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=12684917739197473000&adk=1626895633&idt=206&cac=0&dtd=33
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 13:58:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
53277
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 13:58:32 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 674D 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKIIKmledfFNy79JvrSki_IBdPYEvDft4gchiAOr7hpQ8_KxRTSmOBHFL4fSGEPOTczpNEozJt3IxeRzeUoAMG9rzp5g&cry=1&dbm_d=AKAmf-BKBGmenoq74O6Nu41pKCeVSPwEBzP9pxbA5ojQ0QR3S_CQ4k7_3Lz-9cXSG1xVv7maxU-Z3sL6hXoEgMO_le9FiNCetBmGHUmH2SRiMMf5wG1Em3GEU1jDS_OJzQtLRofezltXVnmkKSTt3KGRvqv2tCeABgHYaonyFBDlHTtQJWpcDFzXqJpIk8x1RS3Wxof79gn2nyXb-gB86Dh_PLTyyNqBeLNNs_nDUdYtDKvu6-RIibo_Eh9OSx42yUtUWqECJTEwReOLGGkfo4lgwAjv4fODn4FyISpb7DBg_SvpXoZRin-QNukGsW-mjkwODvQYv8tbn7v5nI1d6QmdI5POcsuPwdekE3YMWbOEzsiN25ADyhWRjA2wAKicbxlEyzmK42MmaWIwXE_PBv3IAVd53abK7o8voMEX0lwL8pozkqzLvmHm8knGdm2-1Q7bqnx8jtU4wgJBY4v_eBS8023gniAe7SbJrO9daR3xSELvsn7OgwkMBick0rFEHHBEXrTMimI3M15zJtWsOrOueW1x8QHXvpei0vCisGdVfn4R0XMJ_zBsSsZn3v2xb_0KzZwzPG9z7GMwRVuFlx0uzdag7OBhEk9wwL5tMeafem0xdGHNmB4vR2LO4DEGANhdnLc7vc12VUwFobvnG1lgSVcF_FGq5XA9Q36qRDimL3YMEQ_EKQ0O3DeJHhUJPMdph87RuMwMRBUzlQZsiO_DWHf-Fg4Ujk-e7WBCLb_p7GdZHjUYQV4QCDE3H1pnjhovEoJoNfpDt963WcZmXF99BSzMiBba2OHDCtyTTzx1UMUSYgLwAhGq62RW_yzlJZD6M_WFmLlYtM72VaZWvcMcVPYa3wxu9ReGW5frJ77sIzk-HYVG7B3cmKcEDZbzVfoFu0amncTQnYkplyKcpo2xGS4CcDZxAUtXBTPdihIFr1NBv_p6fGMB_gNmmj1DXUVX8FTuSJvAq_g-3XrYQjDHFi7hd-urS3CZX7le_CIz_e3cDDyN0mfPrs1Z7OtD9jGxP7cX0FJMy067pYBcRfA-9mqxLH2_GccjHwjbV-cZYIdsdzT0waU_dPg51Fc2nqKU5VFWuH2NK5DM1QcBvnyTFMcVYD_U_No7aWzx5LdqwLwynQNC-pTxwVBe6Ld8zcYMEaygnJXJ8FbXD-6etR_TB3IHQTFzCbOWgi3RNUYbW1lNULq6yQGLiRqbBHs0JOAoNm-JTfJqQLSEJedOaSdw4VQiRecaAA8XkBOWSWrtYPgQMmWRmr8A9_il1K9H_b6v0HL5u4dicV3uRek94H2wt8xL8HxOD5kLDVZ8pV_T_-jLZv0COocYTYRP0SPgzI2TYv8fJTslYjKrFJuXmTmPg4YWs6AInrNdV1Z2HjbWf6Psh4oFgMLCVwvN-iupgT7NiIOAoN0hf4TIhXCL9OyK-EGxoERVniZDn_PwvRpf5QjkQSCxs1VxoqJrwwsvBtkgDJaY_QbMAxxmFg1uwRUvGlTS-TXcvpRZMF3mwhirSMT6LFQJ2XodP9LMw6XSjGpGLUfgwfzOnJSa4OSX-IOTcYXXbGz5lFWyCxwpDYiqCgZVJkDOewqONKepA3UCOzFPIUgXmdiAKimrTDjPTa3NSk7dSQM1be3WrPYn5GvHYk4elp0a-S9A0oeBIF7Mtt8S5bLIsVSvH_TEZwhyXRFKQIo2l0_JpL_bO2Ctml9rCM3JgPLCcIJiyrpSIfKErfcxbFwzTbnNuZ0Vr0Tkf7xp50RMVuUSPfQutZ1icG614b4Bk8pX60GYYgeALfM32ggd0LWgWWKKlqCnvFV6lhkwiEMlu1j6bK85bBMH9a9megy-QA7ISu5g3v7u-PTZg8R2K855JQzKlWczz5z6ylfgHHCyCp1JgMzQUHI_OvppKUSKuHE1kPPutrYrSNzFl3m3G7OW3EoMEGgKzG1P8nrwVtqpdtrhYs2XLHoXQ29vmJABhYZF7w2_-fJipjPSBpZpdDdwlVaPxrVSS38zSZDplWSKQ95lt2N50gAAIoz-02g3iELj2VbPt8j_Xfwa1W5lIWS3rDMvVk4rgutuPIB2vKPv3E3z8tLn_gXmWprLb3IEYWK6kXsT3U_7ZZ5Rx0O1FGe7cVK4bUMCqv6ZQBQApOG213AHlvcYk8jDrKisIfbEdX3vsTsNebKvfPNZR2K72iUw6ShzQ9NRb37cBKf2A3LF-dheg69QivKXbOm6Zb-HPV12_OJYmP7zjTofaVkeeq4CCid26JZPBCTspG7YcrZWo576AgvSGqruH1jpFA9lg52US6lnfjub2Pmfl75VD1wTODMHFVLZPttca_AtR6_KiLAf2oR_FSbvKyGVL_YBylRsRPMI021VZkWd-ZKL0C471SphZwIDg8d0RLrlk7OMSKHJWaohD9_gw3BNnQhDUTIYtznNEzovNRwm8DqY0cMpUJ8TtVRGOeETucKWw0y_L_VjebZvTWavq4_nSYwf5f5xja3h99Hls4fo2FtcDgMwbuGpd42YY1RnXdXOaxhc9iSo_86NQOv_9lmn8RmG8CGyuAFPxL0IPT5GyRfsytFTZOCntrtR1uUSIkP0BsVyyMT2zny5_daLOk2niJSbM8P5Ak5Lx1zEyOzbNiCdQXrppVZNN_nnhEC1rboshmgCqFJqwoVW4DT-zbRT-YJ6UpHuiLXIkA_SyLvotnkbphdJShkIItZY8XKr67FynznIlWkzOvY4pq0MaSJ91aIkBpbYSwdwIlKnW2xkJjf2iA0qQtkc_T_cDq9QrirO1-3fb5YDVG4Bw93fo2onqI7XbzvH3DQ31jWlXh_-MubeuraH6TEs7GFsdMpMHeMDtXRoyI8Hl_M4czgpAbr6St46vl9wGygyJ3cKzKfpQdUnMp88zFcrjSvZX2Ru3_tv7BQ-tEMOmdp2AUrWniLSfcDAba0s0nuvXyFZzWpgTc4l0ukuGF5CqTdQrFDHTlp4PDWyva7GC8ZMDdgIrHu83ZCo5K5Mezzo9NjSGBFE_nPjd6NHZ18eTDp032FS5yQAeySwY8ZpEMqsTGDieXx_DalpQlXtQM3oEGUZ_3y6rKNDOSKt67YjdaXW8I9CS_nyAhnFuXPvguVM9A2t1E47Ups7mB-xYT8xRqe47Pye7Ub1EwtDnQdJI48LePtLnKmTTklkIWeNgtZh1VCzOZL8hZGxtMlH7AAsZQvdhFo1XjUN28m4dHpL&cid=CAQSKQBpAlJWWElIskuV25jBUEzRJc0gQpKny2rCQ4UxNL7z5hg2aahxp_D2GAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=12684917739197473000&adk=1626895633&idt=206&cac=0&dtd=33
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 14:06:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
52815
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11545
x-xss-protection
0
server
cafe
etag
12064860844701496540
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 14:06:14 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 674D 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 13:46:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
226771
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jul 2024 13:46:58 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 13D2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

age
36545
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:37:24 GMT
etag
48472445140208031
expires
Sun, 16 Jul 2023 18:37:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 674D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd6537f17fe859f1df411e75704aff06cbd70cb1e337b33034921b635397bccc

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A7B9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
45934
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 16:00:55 GMT
expires
Sun, 14 Jul 2024 16:00:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DD93 		783 B
741 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
fa4fbe2033afe7c1c1db8ef47a39f4fc409e5cbf117239c07ea43ee914db5e0c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--2nD8N7MdSgTpv9nKGXNtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce--2nD8N7MdSgTpv9nKGXNtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 04:46:29 GMT
expires
Sun, 16 Jul 2023 04:46:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DB3D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
45934
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 16:00:55 GMT
expires
Sun, 14 Jul 2024 16:00:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 155C 		783 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
e8d3e0e6a9ef4ecf68408eb9b98eede2c7d5d2f16644b84a327023ab4837205d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-11pTz_88S56hTPPHJYEvUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-11pTz_88S56hTPPHJYEvUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 04:46:29 GMT
expires
Sun, 16 Jul 2023 04:46:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 37B6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
45934
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 16:00:55 GMT
expires
Sun, 14 Jul 2024 16:00:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 883A 		783 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
a6c011d36e4743d6c27cabbcbbbfc14443c87c56b6200617ff0596c06ee43c48
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kJMKosYLxYfK0c_uM3AZmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-kJMKosYLxYfK0c_uM3AZmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 04:46:29 GMT
expires
Sun, 16 Jul 2023 04:46:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
cm.g.doubleclick.net/ Frame 13D2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN4QrY-vZBdHUBw6ffchSAQ&google_cver=1&google_push=AaAOQGGCBjD0LlfXyJywVVIQ8v1W6-fyAUlBN1kTWz0tUVLu6i2q3v3URGMBjGsHrem0LjU_nstATcOP...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN4QrY-vZBdHUBw6ffchSAQ&google_cver=1&google_push=AaAOQGGCBjD0LlfXyJywVVIQ8v1W6-fyAUlBN1kTWz0tUVLu6i2q3v3URGMBjGsHrem0LjU_nst...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM5OTAyMTUzNjQyNjE1MjQyOA&google_push=AaAOQGGCBjD0LlfXyJywVVIQ8v1W6-fyAUlBN1kTWz0tUVLu6i2q3v3URGMBjGsHrem0LjU_nstATc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM5OTAyMTUzNjQyNjE1MjQyOA&google_push=AaAOQGGCBjD0LlfXyJywVVIQ8v1W6-fyAUlBN1kTWz0tUVLu6i2q3v3URGMBjGsHrem0LjU_nstATcOPDr6hMFSxYGsmOwIZWIZX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzM5OTAyMTUzNjQyNjE1MjQyOA&google_push=AaAOQGGCBjD0LlfXyJywVVIQ8v1W6-fyAUlBN1kTWz0tUVLu6i2q3v3URGMBjGsHrem0LjU_nstATcOPDr6hMFSxYGsmOwIZWIZX
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
dsp.adkernel.com/ Frame 13D2 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEJdimpSq4tb9VBc5yYHPLj4&google_cver=1&google_push=AaAOQGGvDfnnWOU8P40FNOytj3zuKRj1Vh7l5uqFnUZMnPjuUapwmnnOfzAO_zk5QP6agAPChrLGeOM_eOf2kPgW7crH54sAUyo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 04:46:29 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 13D2
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEAoxwLXZwJLo6RIm8J55M6c&google_cver=1&google_push=AaAOQGH4jdU34hJ9qHNxS15ZITB2zhEG535ftgri_pxFR1tQI1pTMTZ4Knn-s17FJltvObAEn2OQQMAOPriOxVAapH1xU-eI4iI
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGH4jdU34hJ9qHNxS15ZITB2zhEG535ftgri_pxFR1tQI1pTMTZ4Knn-s17FJltvObAEn2OQQMAOPriOxVAapH1xU-eI4iI&google_hm=Z2YwMDgwOGM3OTU2ZTU4Z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGH4jdU34hJ9qHNxS15ZITB2zhEG535ftgri_pxFR1tQI1pTMTZ4Knn-s17FJltvObAEn2OQQMAOPriOxVAapH1xU-eI4iI&google_hm=Z2YwMDgwOGM3OTU2ZTU4ZTk3M2U=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:29 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGH4jdU34hJ9qHNxS15ZITB2zhEG535ftgri_pxFR1tQI1pTMTZ4Knn-s17FJltvObAEn2OQQMAOPriOxVAapH1xU-eI4iI&google_hm=Z2YwMDgwOGM3OTU2ZTU4ZTk3M2U=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 13D2
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEACTRC7p5LAkQM--07arGR0&google_cver=1&google_push=AaAOQGGdswVx9tK3t5GDE1pSCYLYP-hsnmVAP9Ac_1sgQcbBHvu6U-RcnO2qfyNe8PZ6GXNNatkh1l_q3xNQZB0b3H97veG6SQYC
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGGdswVx9tK3t5GDE1pSCYLYP-hsnmVAP9Ac_1sgQcbBHvu6U-RcnO2qfyNe8PZ6GXNNatkh1l_q3xNQZB0b3H97veG6SQY...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE3NzI2MDAwMjMwMTk1MTkwMDQzMA%3D%3D&google_push=AaAOQGGdswVx9tK3t5GDE1pSCYLYP-hsnmVAP9Ac_1sgQcbBHvu6U-Rc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE3NzI2MDAwMjMwMTk1MTkwMDQzMA%3D%3D&google_push=AaAOQGGdswVx9tK3t5GDE1pSCYLYP-hsnmVAP9Ac_1sgQcbBHvu6U-RcnO2qfyNe8PZ6GXNNatkh1l_q3xNQZB0b3H97veG6SQYC
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE3NzI2MDAwMjMwMTk1MTkwMDQzMA%3D%3D&google_push=AaAOQGGdswVx9tK3t5GDE1pSCYLYP-hsnmVAP9Ac_1sgQcbBHvu6U-RcnO2qfyNe8PZ6GXNNatkh1l_q3xNQZB0b3H97veG6SQYC
date
Sun, 16 Jul 2023 04:46:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 13D2
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEIg3pfHhHGspDgkDOmSxLGo&google_cver=1&google_push=AaAOQGER8ZIUH_AP36qt7n11algnNBWmRa0PVHFdNLM9dcWT9oNsGGEnYeaL9hhdqhrB4HD5wzrY3...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AaAOQGER8ZIUH_AP36qt7n11algnNBWmRa0PVHFdNLM9dcWT9oNsGGEnYeaL9hhdqhrB4HD5wzrY30vWp44ewhYFiXDKTwL8UkE&google_hm=WkxOMkpzQ284...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AaAOQGER8ZIUH_AP36qt7n11algnNBWmRa0PVHFdNLM9dcWT9oNsGGEnYeaL9hhdqhrB4HD5wzrY30vWp44ewhYFiXDKTwL8UkE&google_hm=WkxOMkpzQ284WG9BQUMzbWJ5TUFBQUFB
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Sun, 16 Jul 2023 04:46:30 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEIg3pfHhHGspDgkDOmSxLGo&google_push=AaAOQGER8ZIUH_AP36qt7n11algnNBWmRa0PVHFdNLM9dcWT9oNsGGEnYeaL9hhdqhrB4HD5wzrY30vWp44ewhYFiXDKTwL8UkE&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZLN2JsCo8XoAAC3mbyMAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad431"}
X-SO-Key
ZLN2JsCo8XoAAC3mbyMAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad431
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AaAOQGER8ZIUH_AP36qt7n11algnNBWmRa0PVHFdNLM9dcWT9oNsGGEnYeaL9hhdqhrB4HD5wzrY30vWp44ewhYFiXDKTwL8UkE&google_hm=WkxOMkpzQ284WG9BQUMzbWJ5TUFBQUFB
Cache-Control
private
X-SO-HostName
m-ad431.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng22.dc4p.scaleout.jp
X-SO-IP
195.158.248.214
report
sync.teads.tv/um/ Frame 13D2
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKhuQKr_saOd...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGF6zk8Z4H2TUF_PclbfhM8v3ghIj6c5veeEHdkmJa_jm64TgWtoSs_P_FWVbGSjLCg43_MJMBqC-TTeB5RhsHpsSM_Mf0bz
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
Protocol
H2
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 16 Jul 2023 04:46:29 GMT
pragma
no-cache
date
Sun, 16 Jul 2023 04:46:29 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 13D2
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEBGhLWeFI5gjj-x9mHD9wWE&google_cver=1&google_push=AaAOQGFX6rjmcPfKox1c96kr0EZ-xgjjF1TJFyIeiFlLiF2Ln0iSbN2fBJAUAnKtx9bmLUsqVxjKzHgjOVpHQzRodBVKvs7nd...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AaAOQGFX6rjmcPfKox1c96kr0EZ-xgjjF1TJFyIeiFlLiF2Ln0iSbN2fBJAUAnKtx9bmLUsqVxjKzHgjOVpHQzRodBVKvs7ndVQi5A&google_hm=20bcf922e551...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AaAOQGFX6rjmcPfKox1c96kr0EZ-xgjjF1TJFyIeiFlLiF2Ln0iSbN2fBJAUAnKtx9bmLUsqVxjKzHgjOVpHQzRodBVKvs7ndVQi5A&google_hm=20bcf922e551aadd596bd9686167849a
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AaAOQGFX6rjmcPfKox1c96kr0EZ-xgjjF1TJFyIeiFlLiF2Ln0iSbN2fBJAUAnKtx9bmLUsqVxjKzHgjOVpHQzRodBVKvs7ndVQi5A&google_hm=20bcf922e551aadd596bd9686167849a
date
Sun, 16 Jul 2023 04:46:29 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 13D2 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kz_bnV4rB7UoFnImWOy0QM6ohOhcnQ3txgmDb9R177q2BiVL9T2rb_XONOGjvJp-rMducYhp0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1204641571&adf=816031639&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689482787668&bpp=26&bdt=548&idt=735&shv=r20230711&mjsv=m202307110102&ptt=5&saldr=sa&is_amp=1&correlator=6885&frm=24&ife=3&pv=2&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=2592616596&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31075880%2C44788441&oid=2&pvsid=86923880099458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mva2242gbmyb&fsb=1&dtd=756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 72EA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230711&jk=2047191178837252&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CE62 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
226770
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 13:46:59 GMT
expires
Fri, 12 Jul 2024 13:46:59 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
pagead2.googlesyndication.com/bg/ Frame 252E 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 00:28:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
274650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14768
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jul 2024 00:28:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DD93 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230711&jk=3252126994577579&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
pagead2.googlesyndication.com/bg/ Frame A7B9 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 00:28:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
274650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14768
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jul 2024 00:28:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 155C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230711&jk=641319743568916&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
pagead2.googlesyndication.com/bg/ Frame DB3D 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 00:28:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
274650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14768
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jul 2024 00:28:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 883A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230711&jk=2486682076711114&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
pagead2.googlesyndication.com/bg/ Frame 37B6 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 00:28:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
274650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14768
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jul 2024 00:28:59 GMT
AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
pagead2.googlesyndication.com/bg/ Frame CE62 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 00:28:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
274650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14768
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jul 2024 00:28:59 GMT
index.html
s0.2mdn.net/sadbundle/8779601321339454873/ Frame D395 		126 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8779601321339454873/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
2210cd21898738930267fc85e4f79098f6a45f66bb48401b3031f7f19a36bb8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
261900
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
23892
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 04:01:29 GMT
expires
Fri, 12 Jul 2024 04:01:29 GMT
last-modified
Wed, 12 Jul 2023 22:15:54 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 674D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZ_kRKoUSZX-vPmBrlFEFaCo4pgVJ7z3DDtthbtPx_2JZMiaOJyUadj4oFOMk5dzQjCwIW293GMEz5voxSrj3TCyrKbQNdmnqK3b76KanttSdaIbizf1uW0M5ezSqRClwE3a3492CHtq24EnpKd3qQg-mf6oXT3xudUi-kVy21b9XAgmwVyYJq9NtQNkVq0u0VESGuEWQd-Zujxd2SDLFOIxTogrs8lwvBdQZJH9agVBxui6btzgFnzHxhieL4gyvcoPQKsLvMTJYpFZQHSDPviiN-m22eSCGiNBc7W8EwHD4ctvMjweVY47LWslITv29xsF08DH1tHoV90U9YhfbgZO8JZNB_YYm-WE7XLBphDvY-42zWT8rboDPQfy5UZV2G8IAxc7FWT1ssr-XOdYX4l1sRq_BqZsryuauzwLBxfLdwSIB4YEYJU0RbzW9B7GlsLvVos63vKz1Ez5kRWLu9FCkHU-27kiGxjrt2dhD59byXIQv8WtmeGl2baMwss5jLwA_SzsxBvo7an6VqrQgEbeckdg3J_1sz26LuHkYSlLqtl2_SNPZYhGOueZuD81Yt2E69x1J2kbp3w0Yt3BtIduwws9CEZ4IT3o7yjqhgMajuvp6LpCEHi7Rp5_ipo4LiLuZpcOtcRoq0QQU6TaBUMVMb29bImVMvZgpfJy9iOOJ_7Zodmk_7WoxZch9c2qgTJlnFdAiW0GlP1ru8NAljzEp6J-Rh5ZTHV9-IXOGTBO342KB6XK_s29wmWVWgYDKjtCKFoJAeHnYmwwf-yGgv47OzFJ-Fp_K-cGc52TJp8I2p4hL9lgv80K64uz1gY7pvlb6KIjrX1wXrl879ctXOIG2-LsG96lrLe3JbjdicSBHICQFHVsrhQxzrNSLCUDK2jd8gFQUHzuGwr5yskqEUStZNInpdqQG5kHQSPk5OuKQV0w4PCAg5YhVihE0WBqYb332VuqbtgBaZAx2lf3XHtE9t26f9a0TsoRMv1hCJNp8KgOoqiZAuQ3a2A2n3X4RVXz8egFM44H1eo0moAyjvAgiIw_wCg080BqNBrZUX14y7K6uEKl9PkbN7DQF6sSosIkeO_KUnXMi8m2-vrYwEj82Em_Gpaigko1qhtcxVDa-gIWp_xiq2Aeh8wFelMvZOanozr7_SHUN8kArDUASVEmS1pvXnA2qS_0QKRoBu-EGxTsszciB9nVC98JAVByk9QTKUhESn65ar6Ug&sai=AMfl-YQ6ov4KXm81mhhrAnbVm2SifGy1n-rNCk9RYbqhX8yfymgqSTSXEFuB73OIckmTcQPYvRsJoCeQz5JRKY8S_H0PjrwoncneNBBvn4VA0iGtKaIEs-0QBMidvFJtOHjJWgrLURVA121lsGwSht6dDjjAG_x-gq-kS1jqR6ceoovY7HpE17bY_MBOOvobRtsxMfQDvaIIeU0A&sig=Cg0ArKJSzN-wNX27thn0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=492&cbvp=1&cstd=485&cisv=r20230711.83202&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 16 Jul 2023 04:46:29 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 16 Jul 2023 04:46:29 GMT
generate_204
tpc.googlesyndication.com/ Frame 252E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?gpnTFQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 037E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqrAbpU9gukYCqBdIV8WpkCS4cka5me20be5Y5GvYxFalHAGKyRwjcgabGnqmxJGkUkDw3eHEQAHYNYIMQlxf5LtDN4LZs9papgdxVff9UdeuKmY0W&sig=Cg0ArKJSzAz2hdP2X4EKEAE&id=lidar2&mcvt=1038&p=0,0,90,728&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&v=20230712&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689482786774&rpt=1880&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame A7B9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?VmWHpw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame DB3D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?rg-WRw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame D395 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8779601321339454873/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8779601321339454873/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
877
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Jul 2023 04:31:52 GMT
generate_204
tpc.googlesyndication.com/ Frame 37B6 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?TdMj5g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame 674D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZ_kRKoUSZX-vPmBrlFEFaCo4pgVJ7z3DDtthbtPx_2JZMiaOJyUadj4oFOMk5dzQjCwIW293GMEz5voxSrj3TCyrKbQNdmnqK3b76KanttSdaIbizf1uW0M5ezSqRClwE3a3492CHtq24EnpKd3qQg-mf6oXT3xudUi-kVy21b9XAgmwVyYJq9NtQNkVq0u0VESGuEWQd-Zujxd2SDLFOIxTogrs8lwvBdQZJH9agVBxui6btzgFnzHxhieL4gyvcoPQKsLvMTJYpFZQHSDPviiN-m22eSCGiNBc7W8EwHD4ctvMjweVY47LWslITv29xsF08DH1tHoV90U9YhfbgZO8JZNB_YYm-WE7XLBphDvY-42zWT8rboDPQfy5UZV2G8IAxc7FWT1ssr-XOdYX4l1sRq_BqZsryuauzwLBxfLdwSIB4YEYJU0RbzW9B7GlsLvVos63vKz1Ez5kRWLu9FCkHU-27kiGxjrt2dhD59byXIQv8WtmeGl2baMwss5jLwA_SzsxBvo7an6VqrQgEbeckdg3J_1sz26LuHkYSlLqtl2_SNPZYhGOueZuD81Yt2E69x1J2kbp3w0Yt3BtIduwws9CEZ4IT3o7yjqhgMajuvp6LpCEHi7Rp5_ipo4LiLuZpcOtcRoq0QQU6TaBUMVMb29bImVMvZgpfJy9iOOJ_7Zodmk_7WoxZch9c2qgTJlnFdAiW0GlP1ru8NAljzEp6J-Rh5ZTHV9-IXOGTBO342KB6XK_s29wmWVWgYDKjtCKFoJAeHnYmwwf-yGgv47OzFJ-Fp_K-cGc52TJp8I2p4hL9lgv80K64uz1gY7pvlb6KIjrX1wXrl879ctXOIG2-LsG96lrLe3JbjdicSBHICQFHVsrhQxzrNSLCUDK2jd8gFQUHzuGwr5yskqEUStZNInpdqQG5kHQSPk5OuKQV0w4PCAg5YhVihE0WBqYb332VuqbtgBaZAx2lf3XHtE9t26f9a0TsoRMv1hCJNp8KgOoqiZAuQ3a2A2n3X4RVXz8egFM44H1eo0moAyjvAgiIw_wCg080BqNBrZUX14y7K6uEKl9PkbN7DQF6sSosIkeO_KUnXMi8m2-vrYwEj82Em_Gpaigko1qhtcxVDa-gIWp_xiq2Aeh8wFelMvZOanozr7_SHUN8kArDUASVEmS1pvXnA2qS_0QKRoBu-EGxTsszciB9nVC98JAVByk9QTKUhESn65ar6Ug&sai=AMfl-YQ6ov4KXm81mhhrAnbVm2SifGy1n-rNCk9RYbqhX8yfymgqSTSXEFuB73OIckmTcQPYvRsJoCeQz5JRKY8S_H0PjrwoncneNBBvn4VA0iGtKaIEs-0QBMidvFJtOHjJWgrLURVA121lsGwSht6dDjjAG_x-gq-kS1jqR6ceoovY7HpE17bY_MBOOvobRtsxMfQDvaIIeU0A&sig=Cg0ArKJSzN-wNX27thn0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1059&vt=11&dtpt=567&dett=3&cstd=485&cisv=r20230711.83202&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 16 Jul 2023 04:46:30 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AC30 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoW82w2uxxbGe8rqmaopvoeP3sI0WcVp_BfEJuwQJ5_sRZyRSMSIaVtrxtY68LIBE1D0JuP20gkJiIdd8tLZhky0NBgm7d2osY7WxlZtbbpqsnl-TosctH8-3f6nS0aqltEM_bL3Gm8bo0WpBNsxuNLZy00fcnA4nZxIDGjjv75C1832av_0ZcIKNBEqaJJY1k5DSebCQr6jakzoQDOTq-ej3XAI4aKrDYLwa2x0Ahyesm6EDTKyxSLELhi6Pm3dDIBWmPa9XScpmclwl0niEV3v3Iicyay4HFFz9oL7E6ohxh0sKNxN1jXot5cgmvVLk5EmAmWRVeFT8tm4Nmia1TrHv5I_1GQIgj5joR9hRh&sai=AMfl-YQ1fHHD7TlVu_aEVIJB2TtXLEZ8r9PlmSK7-AHOeo29DY2503WF47xKhDldkNDs4wIIv9aTRjufxXvkHdw&sig=Cg0ArKJSzA_-JYjZ5CVuEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 16 Jul 2023 04:46:30 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame AC30 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230711&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
5a4aa900d24d68758d51c1cb99d4f61db9db0a080563044dc53b555f43b541a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11947
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame CE62 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeqhNJXazZJlAlJTU8g-gl4DgAwAAAAA4AeAEAg&bg=!39yl3IjNAAb90kgr3dI7ADkAdvg8Wq651Rffy3ZVOrQIXQ7USGDHJanXz311syVqGrHkQewko36bTY3LnS5oxuuvkGmqskRPIJwCAAABe1IAAAByaAEHmQM7BUWpx-jyfjyqfEiTuwfU73SpJb7VznZqLDm7-wdLNk6bQT-8mxzPqLUWLd0pMQXCm7W5DdezNO7Ijrsv-19zw8Hehu5PQcHvq9NSsZckGaNrlgPCFMD8DM-yWwAQh2be0lyEUZo4wYauYRRJ2JmLZj0zFaXSAuw78wyIFxqyL940n8NY9AuFmDFu38UAFnLiMCv7xolCe2eTSYiaTWvse3Hgmq1idmUsfo1ElosFjHVmFssSn3Kjy_EV2nZgqkhvw_NggE3jG0p7lPQJUplaaHgm3weavhwLAYxwJxc3mCGVtAaMTNUrPUiFvXPRWm8Yc8N4n3R4aelXTtso08RfD37J7taeqBWDPTAv2AlhR3Fx8XL1IKaqwlLkAdIbZk6nhJp34l8T8NpQ4lkTV6IsGJWJHLyFeCabZFsG_JSLdlMVAoQsG3nZ5Di6O-aX3dcLdVeOfwY918m433FfU3KTP4vQCVtDW6U9am6VC8Hj2G0EiVmzhJu1DDTuJ1dhlY-rTPp1kUMaClbozcCVovPV_grODY9kGx843acxddXqWxtg7f4aQEN0E88AVBqyRMyE2aD9MaeByUaQnuXOkM_2huHPBXDMWRTfPt5OD64vqT3YDUW-SE2e1rNkAu3eZxwBw0rYRO6BSA5bJPNOmaJa1ca06-2C4ybbntrfaQvJKiJxPLrTWDiQvQl-G1UDC2x5XLqLIIvcPCCIKqIGOxbVFn7hdI7jQG0xDwZw2Q0vpjXCpQ4obJq_i0UoE4964prW8u4ym-vhe3Odc58IlcN_w71Ez2EY7MxvfMjntA4bPxlmrLaZsjK7dlEzQZ0DQTkjVV1n3hYv_pWKC9bOKGF0oOY40cdi-llRgV5h3pX1_4fsynI4s5I-32CYdkodFFK8R-ujdRNItcXkDiLcBa9UKclWy5fE5Y0G4bL1eIcbavFWKychNHDSdUtUN9xzltN5CPvplXYWgRmE9VnEAojgK3hxfCf2g8xfMcXcizSXWjim1dw9Mepr0Km2UikrJ14ZQGUPcCleXCtrkT2D5iy5fQrWLbe15eLNS5NEBAh1-7eVJoqCXFm4gsDFvqkZm0-D_ZeYQFmrK1M2gGU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AC30 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Jul 2023 04:46:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CB92 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230711&jk=2047191178837252&bg=!o6CloPTNAAb90kgr3dI7ADkAdvg8Wsb4DpFWS4VDYOPtjsTaCRgqKj1gq9mfGsuMn8OD2600HcA4gGbx8QqZDDj6mE0vJxgDJ2wCAAABpVIAAAAIaAEHmQLsLBuXnHejncN70rYZCUuyY67xHid1yGE6Z8O6EhhNqFthvlcAhD_4sW2UE1wgkXJhwmnZFbJF6q63XZG9lxiCsM7W_Q9D7csDCoxO_lRk8jNV-HMglRhniZk4l138f_esXq6myQ2EA1vammAicHjXtPww8HvEzej_GxTyxEAZE8D7jRT_qduymm0XOOB9hog9mON4b4qyoFFBjaOyuyAPC_CiCqQTresF6h5QtGIkCdeB6_p5g9XA4QuLVytPCr96kcdVVIg36xNK1SA-pgZh1qgEc58jiLf6EWyRwwdpFwIlK43JT_ThfjtJ048mSJkxE3VVz-lnLf3LOiTb05yJh4yQ3rAJ_InaYdVMZEcmFfMFHc0GG3Sfq2uywyMjLi934jH2-NIT68ILDWQtpriUwyS2J9dkyaR-qhb85CAbBpPGZQ5XoeIKx8LH2rwO1VVtD0NK8gpri8FtsF2_VO3ea5Cov6rcCM54CGxLpygUtKM4bJ3U_YFOldTwlsvQrOtgSks_rON_OhlGKYW-YMdGZ3iiejs2nF0PDGZLGuZEqkxSossH9W5laa-gTT_6J9fjb6JskgWTmn4TcqffB132J86R7O9vgL2dH4c6S3z6xF9iLzez_PtfYt4A8-JeuaX8b6Qzqa9XXXI3knJi20brEO1RpLpZ7AUvvfyiDaNIzdVSRbGU87DghTRYlzzHdUHsMFLPChH9DV9nAM4wIMs5MZsYbrcHwO-MlbxkasdIq6SWZ2Y8VcUUcU1qAnv_hfjpCUKpWMqefFZdN6VIMiQelp2SRlfR6jujAksYQUEc8UKvtDm52XHAHSimf2-1q50-XY0a0osxXjLZg4Oy84Lw7NGszOkpYSJq9ocsOlU5Bv5HYZ2q_nlerQjuXaqq6lDjiqi3SB_giJLRr9Tnworp7ZxpLPzCsN9XYlAddLh7QE-CIP8Z1rur1AKOY6S-ma29HifWEMGuiMzowqNei8c3YLtjyvwgZQbpPTwMhQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9E59 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
45935
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 16:00:55 GMT
expires
Sun, 14 Jul 2024 16:00:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9658 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
8de750ff60c3f378f67fa591b07f03f08bc784de8df03e2d0fdb37eafe248ff3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bvO3nduv6qug_nx1B2TtvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-bvO3nduv6qug_nx1B2TtvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 04:46:30 GMT
expires
Sun, 16 Jul 2023 04:46:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 9D31 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230711&jk=3252126994577579&bg=!hYalhtLNAAb90kgr3dI7ADkAdvg8WucFrWGRIFLWIkPEoBAm4sCD4CoxYA6dFc-RqWM0HZ8LlBGG0VHlF05t4mcA-UF7J8AA0CoCAAAB21IAAAAIaAEHmQLwGXU9t5Yxc9og68XgufJvQssozN6XoOM1GxVEV0pqHTcUUDlg6LkLhZnM7VlO1ZALmjPOQpgWb54bd5Xrl3U4DdNGAKVb2Lf6PQqNMRINrh2q9dLT-Olb51xKy60pgGudDOl1P_5NY963dUgYl16LboNhe3obJVrCSwAtu6rJGuil9YXGwhPpb_AfmncrEVvg5ktO6agN3sFZgkAQQ0TblGnxgXoSOicEOmzmT4ENyi0jYmon3IiBqn60x9dHJONKuLWc4taijiVgjS81oDux8Hv6LNGSdNFIn1px8-YGbRmuYv4zhMb5eSupB9FYVSzimsFyhqL5S6V6LL4O5JQROjHHxFuC-PrRd8IwRC2nspp70x0le-ENGnWbWkNbFhRzO1JPtaFNx1U4mnDtGmstw5dBNvA3WUMx2NSxYCG-gm4T7RvUsGX-KKDRsKM0a7sj3FOCOWOZoNN5FEBgM14Gvps28msRc-SsaiIAqUWJs98yq5SyoTI0eH9ZFSzgIRmhMlcJp8NLRpUct7Po6F_ano4gUa-r5cANfVs2DtakAZ1PgZOHS6oBO4Zc1csvSvT-7Let9N0Umo-uwVEisRS6HHLwvbmkKJzDfGLucL4YZlp8_RSk6tkGWh2_f4xXb1h0n3c95F8EorFSguXc7rsPRxLeG6UfoIebOMKexHtjs0_uqaeBzJbHK6PVCkfU8my1LSHhIbiSq3wy9YsCTcHVir_7N3VEjiSZWlTHD7axKSdGRWlDlU8CO_mJ_3QrIcVe7PyjTO3ficgkHgbOIhUpBr-XnjJcyeMJvTg6lGxz7RktiQwTvx77Lzs4ZjDciDgm2lqZR6fdosgDo_bHkHJrt1eaU84QTkUj4QPNOAN6teJ_9Z5n-_netAkNCMPQvE7TlNFuBeR0msP_LK7LDQuIAhx7L48135BdQ6d8dU8E4C0u2d9XqahdIqEZJkpm9I61x7Gz6Oz1zFw1m7X6afpVp8D5gngxsknvOQ1FmXSI620
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
pagead2.googlesyndication.com/bg/ Frame 9E59 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 00:28:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
274651
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14768
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jul 2024 00:28:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9658 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230711&jk=86923880099458&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 037E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230711&jk=641319743568916&bg=!DA-lD1vNAAb90kgr3dI7ADkAdvg8WpPUyFj6744tioQu1YBnm3QYvEo-VcACrjcQPLxtZvI_q9pcSRb6vq79XI0NNuzEnfwbg7QCAAAByVIAAAAHaAEHmQL3fBnBEUfAZVOGWyUi7Yy15XuEHgGVXCA_eS5tPK77C6gneZF7GlfjHjxScGVcDWsGpksndI4kGsNwQJMsUiUxdcW55XMBB88Q18QK4w6fh2D2PG7McH0pPDPNWdBZGPEN-U0K1fdrJgZwg171Y8BGo56i7jqsYgyYXZ1X664bGKgT34Fgpx3zUKELV6x2QVS2aXISOrwffqufsuM4OM_TtF2yITpA02LCD7wlVZiOAqcEet2q9FmtjwRKtJqeFI06k-KnXk8q333Cipchmo1Cpik385qeKEW2gZJBvHRIl7bFBIy5CN-fBXE48C__DDJLNHewYo-yZDg1Qo9c6nheyImjsBN-By7nzx7_kcbsgJBp4TM9SDmAm0jKfHaLBvtPkB7FVHG4Eo00J80xKzri3yfj800uiKTUsMvLqwqo6QeNmQX121djUT3onYAIp7T7m2jGaO9T2m2IyLA6H1x0rzdesz2THGBOsTZkzsqwB6rrMY_jAQXSoCkb52eN9z0pYzUUuvlmI_SxHWkdl3AE7HXLlcZAZMarrFd5oh4DDCVGbAVwHH3WLfhfLzsSpC37uzlT0GDik7BJd02YCoQfZnO3BqTI5sIlQQc1u8yaiBlf6ntm5ZfUX6QZJ8QnJ9KM5ilIfd3fGG3lKR5vJGnA88q56nXt5YzayIBZBTi1tj6uCVO1SiXzGJBW8bikGnvbgYyAXUhqmCAYVG59z7GL8R0r0sYG0Ow1rqJoZ5zbwPevGQ1gHzrfi891PPvOIkikdOgoW-CCuCQKE4lZBoe3_aPDmjiA5hB2-KjW0hBHiBO89mLx9xH4CZqTIYYR6g92x9ab91vymtHPdC1X0tbpgg2DNtH_2WUiClSB9mjfRBalnSnnkDwgchuBNIhkzPAHA0UZmxqCDY-V34LXE1DN3HNR2WC_Xdj0pyd7j6PUfYHeTKxC3QTtGJR1i8N0stNvpGR_ARk3DYIV2xNGlCMmYVFMFqa0ziXr5NudX7JouiTFVV_1PPj9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 9E59 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2LYHFw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 04:46:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 5D05 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230711&jk=2486682076711114&bg=!mJulm8_NAAb90kgr3dI7ADkAdvg8WszZVEUpluNVxK9un3TAPE7uv57qS5fvHNHICK0Ba2qw_SorrmIAcE4yDvLNuYi3mJsTPHsCAAACZ1IAAAAGaAEHmQLw3z4KFGqLCYedTEe3nKAKTgOQLUb0T0i_D3xk_Yt4Sf3Wb205hSl5Rt4W5iVvda8ESlV9TQlQaSkutiFpCe8uCM6IqwAe3rNyXpcRHBNvklb5xlKgYUBsexpu8NXx6QNQnuc6R3ZvCh3_GbZbApRXwzqnaQ3gJ8V8yyxCKg2tlHfLhy6-VbJUc_zoa3D6lDNSkJQ9YOXDsX4Lsqfjaz6Xo5GvTM0hUlt7r79OQbaz4nph0sQphsUEmEOdrdac6JDVBVTdPGuGpbp_vDV271YWsy11--kJsUucYyEIDYeBCWwzs3DKCyiigkNcywY97uEoUR_Gy2C1NzB1nvD0LcW-78CttKBjudpn1kio2ABBfEWCr462yrwEx4fYrYSfQP6XGuwcrvttcq-MEmDSFYURwQstKSS2L5lk1lxYd8uqES1IWPc_QmTj6-5BEQl7ISsJPc2XrWF7dI00tp_A6U55VOP2E0j4CCnSgygrWkZVXr309mNiFBswpyd9c6H_C9DDTFEZ942FV7D1c20MQ7q4HcS5k0R8FQXBiRSFHBByNHFj5_33U1YFqFgF4NXsH6UkM9lJtpH-V84GnGTTXp1cTgEbVdAqXaw6fbS3a65fT8EZiGLmz2K_mJmk1jRGo5ZHtEd7tuakLso0_92roHKSi71VNghkRXN6kr2aeHzmcD8n5ha4tqNMJ294InQKwzG11_9j-eYxscvVJK6Jtorinku2CHsWnqBhYeb-_1-LUeUQogDURn-urfvQ-rCwcy_G9dweEF3TPNSsqkkDai6WLzhyKiuZ6g8FHZlYyapAmvomgI_bvN5Ll9NiHhErbJm01JzO6a1yZifdf_1rZqN9fuuGhJujhRtXMOBVxHCgzHAUZGbocxX9YeeG5pI8CXjQ1LoFxIL-F1dvLVG4MtSj2yZqCS5fxJu8OrRGBEzDo6MFPsjR_Q2_jQfzSX8XF8ADJx_yXT0bTeca5kz72-djT1PUsyx8x35wd00P5XWyFGM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame AC30 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230711&jk=86923880099458&bg=!NzSlNGDNAAb90kgr3dI7ADkAdvg8WsZJ8KQjsGt6DIHHxcwPjLOdb7sO7zxvte2G2IyNoN1kp_PUpGSnAKg1fY03nPqMrGyy5l0CAAAARVIAAAAGaAEHmQL551WNC3LfMJivIQOMOkewas8DpHjlrQ2_cUUKXqJo8plwNIKxMiQyB9oNSyNXQ5WjNGqkyXWYD0EMlPCsVXtvVV2l5L0jokOjJ6htj1hjwhP4tvt7_0iRFdxaoQnCKyl-dS2TmDtc6wqn0CdJClTpYUe9bB8ePN1qKFKN5Fv93vtxidKEP2b9FyQFuvxm0mecvAuoxUnWAhxtt5e3Wzr39zIIvRs7J7uAgm_AtFjgISPLx2vU4Jtu9MKC0-bL2aDvwIjp8dJOSsWjVbHfzxTzMc0UBeMlJHPQxQksCFXpaayBHCPCit9lDCH6ShrkfrXcerY5U7GiTFoaBWSUTsDuwnuXYCzQAmdyV9O98OORBy7w0rDEXDWl3gtG4mXDFe-HY_z2ZsDOdCrPfig2QPrOYDiEPm0Tpr2GDx_NocE6JyeIojNSviolxaDqp0Gpp4S3N16upEJ-laq36c3o4JbdxpJ1TirPLwf_auSfxUXahpRv1AHi2duCr90JIMRTuDlplQ4iD6VanRtQklirFNBQaLK-AG75UbHkWOcSp3X3UBmHkBllZk_r-Fn-Y8aL0ORo6lClIspvRwOkNyT57Rl6BzgLD7Zz5Fqijna9Z7fqdvi7dfrCDnwWQjRpimSP7q3Pz6RlOAQDWJggVultb23ssI8bV80RBF2pST2ZXgaLWMpa8wZTJ37DPpvkh2wH5waR5KcUP-Pi5qoJcfHSCRY3IX3bBvkXpPgZYA-N9CBgtJpUadhikyr0o_XIppGbloJoXY_OKpHpkkWbsIoko5AZYlYqx0pTRk-x1ukkKCDaD_MumiLqwXKgTXRsj_njiUOGml_ivpPYjcBywbYzbtfXVZKJH2buU3YWpj0f3vzAZoRbr26XIgxqkfO6Z6QT0Frop6clEbX6jaxqJoTh7bf4jTWjepmHOAF1RICzuGpC14mFjCkUcLeEpUjSSHHLNxysWPp5uQBzOG7ka97QIkSwgBiRmoEjyPs0rqjn6YGb8ssaZaInZJWVDGw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 674D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1380702365805&version=m202306200101&ct=76&x=1&cor=12684917739197473000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 04:46:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 boolean| credentialless object| onbeforetoggle object| onscrollend object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| FormProxy number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator number| 3pla object| listeningFors

12 Cookies

Domain/Path Name / Value
.xgcartoon.com/ Name: _ga
Value: amp-RfCmIYJlcLctD8EXnz6IOw
.doubleclick.net/ Name: IDE
Value: AHWqTUnIsBsPimBBanbt5QEf43dWHu8X3IpPujj_nISsY-_orECtgSHwH3qGM5GMF78
.casalemedia.com/ Name: CMID
Value: ZLN2JZ70ivfjn18csMtl8gAA
.casalemedia.com/ Name: CMPS
Value: 5187
.casalemedia.com/ Name: CMPRO
Value: 5187
.adnxs.com/ Name: uuid2
Value: 6034607015731792367
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?geuH2>!]tbPl1M>e)ZlrFUfJ+tGXxp2A2kI%AlIr-K'0a6?4TOfLI-ex^NEVJF>$sv3If)y3KL9D3I?+CN23uD
.3lift.com/ Name: tluid
Value: 1177260002301951900430
.adform.net/ Name: C
Value: 1
.yieldmo.com/ Name: yieldmo_id
Value: gf00808c7956e58e973e%7C1689482789519%7C0%7C
.mediago.io/ Name: __mguid_
Value: 20bcf922e551aadd596bd9686167849a
.adform.net/ Name: uid
Value: 3399021536426152428

1 Console Messages

Source Level URL
Text
javascript warning URL: https://www.xgcartoon.com/detail/zhendaogeguoyu-xuejinsheng
Message:
The resource https://97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

97fc4884d39652d67c8215c2c713eb0a.safeframe.googlesyndication.com
ads.yieldmo.com
adservice.google.com
amp.analytics-debugger.com
c1.adform.net
cdn.ampproject.org
cm.g.doubleclick.net
dsp.adkernel.com
dsum-sec.casalemedia.com
eb2.3lift.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
static-a.xgcartoon.com
sync.teads.tv
tg.socdm.com
tpc.googlesyndication.com
trace.mediago.io
www.google-analytics.com
www.google.com
www.googletagservices.com
www.xgcartoon.com
104.102.35.84
104.22.47.147
124.146.215.51
13.248.245.213
142.250.181.226
142.250.184.226
142.250.185.110
142.250.185.97
142.250.186.100
142.250.186.130
142.250.186.38
142.250.186.98
169.150.222.217
172.217.16.130
172.217.16.193
172.64.160.31
174.137.133.49
185.80.39.216
216.58.212.161
35.208.249.213
37.157.5.133
37.252.173.215
54.228.185.180
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0ab892ee33bb78a2d95e788ec00e2d7ad19a785d020d5cd7c5cb563526daa16e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e6b5bbca42157b97d47e0c70980d08d309762466caf6a0dcb8822a60580ca2a
10183d5a68f7bc154fc847bf06ffa7eab682922e435794c3581717d749242113
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
2210cd21898738930267fc85e4f79098f6a45f66bb48401b3031f7f19a36bb8b
2408d28ddcdb69b383ad4735ac53e489bb8e977dc1df3286e1026a960af2ffcd
2498cc8fe74606f4d5448e7e51ca646b98818f2c97bb0c0495bfe69e85ea371f
24cda10e52d33d7e00711cd701a9e32ba1456af76f7111401520048e42e8f559
25f04e530b31f2b27e7572455a26396490b0f4036f709e4b18a35080d7063653
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
31501eb658d9ad7b1f7ab3beb76ac12347a7e754a054369de1ce77240b1c2b39
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3268e34df3b711fbb7ffc1c956e4bdd164f54cc9d00e5a190f2d9edc29075c9f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32aa17647e6000f577562a5eda1c5537a846584a605eacd1e82653742067fa73
34bb1c7ca084facdfd4822c3dd2d0f3f483ad2d071c52d30e54af52ae62deb02
350bf05188f8fa9e2bb64dd40a24ba70742d1bb24536eee85d84cd4a12ff96d1
3d5fc084d4a5beed4cfc94cbc2f54e9823311d651a10da808da76902c5b6ecb1
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
415e5fb93cd6089b058918a85bb90c5336656fb5f7d1e1aee9257021c45cad3c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
485be496b6aa2efdab4ee11dc23d7058a67b1aa4838060768c180bba325110b7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50c8502c3786a5d3c9b8656f500b399950f70e3ef904a3c2749c8e94df3c7257
536e6ddf6ff69e4b9899cc9acf8e9b1fc794defa01eb78d3dd3db0b90e64e8aa
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5a4aa900d24d68758d51c1cb99d4f61db9db0a080563044dc53b555f43b541a1
5dfc20d516d16a783226bd5771289722bb42ac16b39ef78278ab3eff88147064
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6222be31bff9d5b42d7e040b9a29cd3b274cd8e9a6cfcd0b1825ac9faabcdb0e
62c8e162f03f6fd4bfc59ab2fbf4ccb1d651c7c99a0c78160238a766a0a7d309
648e192ca19cec5eebda09309f74851740b4159749baa29c36f5eb8a64f7c18a
690964dc7677739af15182f897b06197652f5c4a99510925314f7ec1e7886f5a
74d147083935eff827ac2e4ed54fc2e7dd254cab52095a0e4aa6159d8ffb470f
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
88ef576889214068009fde6fd65f1260e3bc2f5017b6b8d63dae5937cde56a0e
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8de750ff60c3f378f67fa591b07f03f08bc784de8df03e2d0fdb37eafe248ff3
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
8e15f658e000c4f28370a1c65556423b3e21296ea22fdaa9eac537fee9b5e817
90749ff55eef5ddcfb2a33f1844851df55d8dd94e11459574592b980378c1ff8
971040b3fe8992d6f24057eb6b90a08169dd2ddba2f91d2e8377926922b9c22e
9813ff99d9d31d6f8dc1a2be5e312ccf93fd7cde12bd8af56f63d3768352230e
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c15d4aace1ef35e6cba80a50a81d4906a7f1b92490a5234b963a61fb6c6a0f3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c011d36e4743d6c27cabbcbbbfc14443c87c56b6200617ff0596c06ee43c48
abdfd0e2561a3fc35873309f1fc4bcc2229760337d3167ac9d24ac2dd74e14c0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
b97ba6fde356f823d6ee53bd8387bf76901a71fe5f4e846c15823ad195094f5d
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
c7957cb5d31c5fe5776a6265fb232b4e6d389e7640555fb4274e7d4e8b4169e5
c7ae688d9c1df811262f976278e2219f9e42ed14a084f12ccd3e22a8938fb0b7
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
ce7dfead4869037f081d2bf5f3ce1aff3ca74d8e791d0f16047653409c2601cf
d3faf68dc0a10640c4a22a2523e88179dd73ae3ecd6c4025e8f4afa31be33d34
da2b00f6644d1fe22c76814a2a6ae6ea537bb034ec0a4b10e84a95f454e73a16
dbff80451756e63a92ef80a9e49c5b4938dcb5e7cf01a3379a4599b0db9c8b54
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
df1a1475077ea8da4e4e4138344feda397439d99503debfa8b6a7e033e4351da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69a70f6e72fabdc4096eddbdca1a2f642307a5f6b5bc62ff83d064fa5810b0b
e8d3e0e6a9ef4ecf68408eb9b98eede2c7d5d2f16644b84a327023ab4837205d
ee58269c8fcebdbef7b89a55425d77d3f8c25a688a65f34ae1da5faf7e35dfe7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0aa4208422c8f79336d46032489c486e538074ba6eb974aa8e594c06bf5d03d
f30a102d702152a9b8ba4a1f707da2c6118c48d2f3ae66bd293b2b9da749b5c7
fa4fbe2033afe7c1c1db8ef47a39f4fc409e5cbf117239c07ea43ee914db5e0c
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fd42275e976667113eb3812bcb726e6b91b14864a91c8395fafcb2af284eab84
fd6537f17fe859f1df411e75704aff06cbd70cb1e337b33034921b635397bccc