www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xgcartoon.com/
Submission: On October 04 via manual (October 4th 2023, 10:33:57 pm UTC) from US — Scanned from CH

Summary HTTP 369 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 42 IPs in 9 countries across 37 domains to perform 369 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 24th 2023. Valid for: a year.

This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	169.150.222.217 169.150.222.217	60068 (CDN77 ^_^) (CDN77 ^_^)
13	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	104.20.219.77 104.20.219.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
52	2606:4700:10:... 2606:4700:10::6816:2e93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
47	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
8	13.32.99.15 13.32.99.15	16509 (AMAZON-02) (AMAZON-02)
4	52.59.78.152 52.59.78.152	16509 (AMAZON-02) (AMAZON-02)
2 17	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
37	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
42	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
19	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 6	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a392	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.66.122.67 18.66.122.67	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	23.32.185.123 23.32.185.123	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	130.162.160.243 130.162.160.243	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
4 20	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3 5	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
1 4	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	18.213.189.173 18.213.189.173	14618 (AMAZON-AES) (AMAZON-AES)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.2.228 37.157.2.228	198622 (ADFORM) (ADFORM)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	54.36.108.3 54.36.108.3	16276 (OVH) (OVH)
3 4	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
3 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:cdf9:6ebb:c08d:dd	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	85.14.248.72 85.14.248.72	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
369	42

6 169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com

www.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2606:4700:10::6816:2e93 (United States)

ASN13335 (CLOUDFLARENET, US)

static-a.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.32.99.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-15.fra60.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.59.78.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-78-152.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:3500:1b::1724:a392 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-67.fra60.r.cloudfront.net

img.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-123.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.162.160.243 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.184.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.27.193 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.149.243 (Sindelfingen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

hal900030.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.213.189.173 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-189-173.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (United States) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.228 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.108.3 (France)

ASN16276 (OVH, FR)
PTR: ns3112796.ip-54-36-108.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.123 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:cdf9:6ebb:c08d:dd (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.72 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	googlesyndication.com bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 169 pagead2.googlesyndication.com — Cisco Umbrella Rank: 122	791 KB
67	criteo.net static.criteo.net — Cisco Umbrella Rank: 897 csm.eu.criteo.net — Cisco Umbrella Rank: 7577 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8000	688 KB
58	xgcartoon.com www.xgcartoon.com static-a.xgcartoon.com — Cisco Umbrella Rank: 680248	4 MB
53	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 329 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 433	296 KB
31	3lift.com 2 redirects ib.3lift.com — Cisco Umbrella Rank: 2654 tlx.3lift.com — Cisco Umbrella Rank: 970 eb2.3lift.com — Cisco Umbrella Rank: 713 img.3lift.com — Cisco Umbrella Rank: 4335	153 KB
16	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 7499 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 8966 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13805 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 14897 dis.criteo.com — Cisco Umbrella Rank: 910	254 KB
13	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 331	260 KB
11	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	646 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 408	292 KB
6	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 87	63 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 35069 hal900030.redintelligence.net — Cisco Umbrella Rank: 239012	10 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026	3 KB
4	openx.net 3 redirects us-u.openx.net — Cisco Umbrella Rank: 863	993 B
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 360	3 KB
4	google.com www.google.com — Cisco Umbrella Rank: 11	1 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	3 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 410	20 KB
3	moatads.com z.moatads.com — Cisco Umbrella Rank: 862 mb.moatads.com — Cisco Umbrella Rank: 931 px.moatads.com — Cisco Umbrella Rank: 712	111 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 933	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 954	1 KB
2	gstatic.com fonts.gstatic.com	34 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11661	60 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 687	921 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 2496	711 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2128	574 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 649	461 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783	714 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2803	173 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1332	713 B
1	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 84565	34 KB
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 4633	1 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 1153	335 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 2199	684 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 8734	613 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1237	541 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1878	256 B
1	statcounter.com c.statcounter.com — Cisco Umbrella Rank: 12701	470 B
369	37

	Domain	Requested by
52	static-a.xgcartoon.com	www.xgcartoon.com
42	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
37	pagead2.googlesyndication.com	bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com pagead2.googlesyndication.com www.googletagservices.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
37	tpc.googlesyndication.com	bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.xgcartoon.com pagead2.googlesyndication.com s0.2mdn.net
24	securepubads.g.doubleclick.net	cdn.ampproject.org bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com www.googletagservices.com
20	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
19	imageproxy.eu.criteo.net	ads.eu.criteo.com
17	eb2.3lift.com	2 redirects bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com www.xgcartoon.com ib.3lift.com
13	cdn.ampproject.org	www.xgcartoon.com cdn.ampproject.org
11	www.googletagservices.com	bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com googleads.g.doubleclick.net
10	bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com	cdn.ampproject.org
8	ib.3lift.com	bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com ib.3lift.com
7	s0.2mdn.net	www.xgcartoon.com s0.2mdn.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	www.bing.com	2 redirects bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
6	csm.eu.criteo.net	ads.eu.criteo.com
6	www.xgcartoon.com	www.xgcartoon.com cdn.ampproject.org
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	cat.fr3.eu.criteo.com	ads.eu.criteo.com
5	ads.eu.criteo.com	bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	hal900030.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900030.redintelligence.net
4	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
4	fonts.googleapis.com	ib.3lift.com
4	rtb.nl3.eu.criteo.com	bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
4	cdnjs.cloudflare.com	ads.eu.criteo.com
4	tlx.3lift.com	bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	www.xgcartoon.com
2	sync.1rx.io	2 redirects
2	c1.adform.net	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	img.3lift.com	bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
1	m.exactag.com	googleads.g.doubleclick.net
1	id5-sync.com	googleads.g.doubleclick.net
1	sync.inmobi.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	cdn.contentspread.net	hal900030.redintelligence.net
1	a.rfihub.com	1 redirects
1	onetag-sys.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	ums.acuityplatform.com	1 redirects
1	fksnk.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	hal9000.redintelligence.net	googleads.g.doubleclick.net
1	px.moatads.com	bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
1	mb.moatads.com	z.moatads.com
1	rtb.fr3.eu.criteo.com	bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
1	z.moatads.com	ib.3lift.com
1	region1.google-analytics.com	cdn.ampproject.org
1	c.statcounter.com	www.xgcartoon.com
369	55

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com

Subject Issuer	Validity	Valid
*.xgcartoon.com AlphaSSL CA - SHA256 - G4	`2023-09-24` - `2024-10-25`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
xgcartoon.com GTS CA 1P5	`2023-09-18` - `2023-12-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
r.bing.com Microsoft RSA TLS CA 01	`2022-11-15` - `2023-11-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
redintelligence.net R3	`2023-08-11` - `2023-11-09`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
contentspread.net R3	`2023-08-24` - `2023-11-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2023-08-22` - `2024-09-15`	a year	crt.sh

This page contains 33 frames:

Primary Page: https://www.xgcartoon.com/
Frame ID: 731304346C841A0FB8E93B297420E760
Requests: 88 HTTP requests in this frame

Frame: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: FDC905CC5357AB8DC1D462971C036A40
Requests: 9 HTTP requests in this frame

Frame: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 8114D13264C9E06B115BDC4F7374CAD7
Requests: 27 HTTP requests in this frame

Frame: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 5B3B1CDEB8601405917D01AC4DE32988
Requests: 10 HTTP requests in this frame

Frame: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 93FE2FA71794B787002438833CC66DF7
Requests: 26 HTTP requests in this frame

Frame: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 9743494D508F512FDDB360BA08F93DB3
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR3oSgALlekIu-PoAAt5UEeGD_vaWwKvgVGkQA&u=%7CSL%2BWdtGiM8g1BFnzmFLlC9HY%2F1dBan642FwutJcNVko%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVOjE89GaszXgkomLnrnn8qkSCFAawZDNKsDpS5F79akQqBUSJUAJUGpbBHYz7ZRxejCnKHGN7sMIzNg9bVZCatowrboqnqOh0IiIL91mqrMFTF6FxPwFN3LS2YByjSXfZCCUrsCMid7krBLX57rH0uFF4_UsMJpIARH4BYJ1UEAVqEWFPttOEK1XtRhxIkkUMlhfEWwLFAs96iR_Ktul_JK_Ni8zTt9Yhxrh7U8gOm4kpuIWAv0KTzM_NgMFFZ5697v9qJjQNieCPJdn7ZtANX1Q97ucNBx1qQyP__8xq23o4aBI2_rM22MAShXJiZGXl7Y4yUqkDT1NH2VACCohChByP6PPp-e1Kk9d6vLC-VOl71C-EUB1ldkWPh8T1MAbHW9KoB3VdmV2JeA59kPqQYdp70_TNcDwA9Px6Rp_eyFuYXrixCpqIcS6d9Y5VtiJdtd5WWeVKzrmP7_RMdRUhVSWFl3reg1zoL9LJ5oSmsoizciIOIg2tqUznmCYSyCA1qFwYbPT7scxGC4O2Dq4kQcj272XGJffncIaZ7Sjp-bCKAtZi8eXwWz-uorU2a3rmHLLU8PnFgvqFhGREikZB56&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTTzJSugdZemrLujH7_UP0PKtoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgT8AU_Q_OT3eydrKKOXp2PxpjrxKrQp39aU4cGl2bJ3FmccbbXoAjP23P2afigh0PBX0v4erYvMeM7WNIU7xYKA_40C0T1sr9UDLvP7HXf3UiSzVYA8CHnL-CSJCQ3LsrfPasMq3pSkbCf2RbjWdmeyl9z4XXklJXSqz9ge7NwaZ4LJir_LHWrqBBLEdTmSc3rMeJP5J60NW22Ny4Ik4F7pn60KZRu1um1ByaTYOSsQBcgPT08mgpSWL5QYM3gH7B31Td0NLNGwSm7P9Wbxd_YNKorjXfe86PaEXR1VzjTVnrYEpRb1iGBV3YhxM3o6qpxHfj1yA8DZsEuNZk_whOAEAYAG4sWb_-fpl-0goAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1kEAUrBmlrOwY1SUrxCHn02j1KKw%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 04EE5A1EB7B96699EE8F1E0F364F0F85
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR3oSwAC3tEIu-PeAA_ei4h7BIqkMOkV7oivNQ&u=%7CATS3cGGWxqMR3BGuPCcAi3pXLzfNsRxnZSLUacwtUc0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5oPChMrPEwoM8KZE3HYwaEjUvDRtwv_jYYuKD9vakB-bNqGLYtsI8W7D6EUpSiDsqsH-0S4VaKK7gnJcjbux5nR4iUFKr661EI6tpvlJlkR_3XJL47naQTZH3bGCz7evOuiThPkYomq-KFG6RpoVNFbQBuiNJwFW2cAtmYxS_Itxy0SmnPqG6Xo-pD-WPJY0eGCZqxqdpyZI75d1TBS4FHrsHW6YZRTj0cn1WbfjvxmHKBMb4XfQEhosw_XtbHrqezfbZazMeaXAz_XVJQGP8VVO5Q_9nFHCkLy7BL3TVcsXCHg3IsKHAX-w06Kb6phNx1YKLryLwLtjz7tWVJxiF9mds-1iMO6bvcbSQT28jh-gGUv0XaHvUyYhCk6Mp196JLe7SQfou-ctw2Cal_iq2oSALnh2FEKTekdq5qToHDBdyPMzk3Ir2b9oHkYV3GEoXeXQhDHJKG8g91Iwr82VxTzPPaQlDK_8WFQhfUzI6AS2cqXlB-nbFeUwg9GcsMbhgBOY5dG582-pNFMUO1VyEZdErrtdRYRbe9qub0fZJX6_OwjNmaRLRX4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgFgtS-gdZdG9C97H7_UPi72_mAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgSDAk_Qncj4H3meEV_wzwCeAXeXtYH4e9D09hQIWkZxDSJyUeQ3t1ge39AcTsNWAs8q57QgzTJPGj6IcBaxvQffuaDPxtQl2X2abhzMQNpOkvXHJdW_xxgNdBW3axeyxFAQIaCCjsBqzfANGSio_3gJoquJUC9QgKE6MhlTNtBsCDN6aPtuJvUSlWh2nagjdcyjIkwVzSlD44rj-e_Dsr1ahxLpRctEq8pcav1wBzmp_GoJhsspJ4TUP7W4uot0wInrULTPP8CxkboRueuYdNVUzEZYorR1V17wtnF8VlQGz54zSYhDR0u-cn9l2uMk-ehx7aGr0szjzIepgQVluRkjKLxbihDgBAGABufQuof81-v6RaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0w6fuSLdXzcUs_HTiIOkhdDFsHSg%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: FD7D32D11733DFEBAAAA2538912FC8C5
Requests: 25 HTTP requests in this frame

Frame: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 1530F6B9C04F288262046546328E6191
Requests: 7 HTTP requests in this frame

Frame: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 69352A4F3E512B0D5E7A02B00C4363D3
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR3oSwAPO7oIu_5eAAGDcBrviLPQ4uRMVDoY5w&u=%7CwEhugyb8jFCrt%2F4jFK4Bf6Yc%2BfR%2FU46g%2Bl6zATscC%2FU%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBExYQ9MR0Jvm_bL0lQkEdhsw4FL--jOhcXvZRNo981STF9r2eHLKVNUd2m2-2kkdRX4Yzxgcdg532gOnA9ajJMeqLhe9fgZ4sCCBDJCkCVriXE5IrAXfa6WkrKxDa6A489Nw4aWW4ZryV9W4mpYBEq4d-9oJOw5Ln4UNhdnY0jYxSr5WKxfTzXl_YWhajrFBVXSB7CcSsffMbuOj0KCtMp-2Qv5XeT9HnYR7BNcb8i0NOIJx4-qDfIjZGMydONyROEs3nK4bavzuBHQeqBVs9iuolP8OejSBMoPJR2WTJcEMh2HTIE6Cl9j7B2M8fWAl1lFtpCfLaGE-zFO2rAIUQXMdvYCjC_ReWXdPvrBydHPBti2q17UBMRyFZi_yyNyhh7fCDW-nX-QytX8YlV7QPnx3b8IIAWoezkK3jQkyubbx3USoLAtJsYHRu17cvJVncifvGAKrc08V_NgqC9eRdxwabWbQ0Ic3M5HQ3QWvf9DDwUc1Bxq0A4uJJswDltze96aFXSBLN1IGb_SS3aAmEl63PMCc6nBorgF_Ew8h56uHoi1YTVnmHSlVJrtTC5RF4i0P9dVJwJ8V6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtktHS-gdZbr3PN787_UP8IaGsA7JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgT8AU_Qvow9nbkHAtvW7kjmSlddXlqvIv3e7oHir_xjqFMa34cJ-8bVb9JzGB-pST81-clKfJ5WSbp9rWmk2LW4kmbUwqY0bpYd3gcNp1WlM8_v2H4kpX04YM8NXe2Z8ESvmylrAMxr8j25MDR6R-gD-jXdexp0YL64ukxVUz4SMxEwwCEsqxdCQjfg9JE8IHw_M8NxPhl8DDkQsHb-hcq-_Xg8xX_ZKUduei8IpaKbisg_wboOWvXaJ8IYnyOSFAci2SYu9bUnd6dP0m_hvVhsEc3U3_5gQoRFxBIiMR5jy4a7F3C16ugTYjkCHpFpcOzpR9jJIRGiPc6F8E2oMeAEAYAG59C6h_zX6_pFoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2sbc7QbFlftOPgr-Qy9dW-NshnXw%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: A920A72B8BA804CF444A2FC8D6BA8D3C
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20190131/zrt_lookup.html
Frame ID: FCB6CF54650C31902F6FAC92A9E1D644
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR3oTAACr1wIu_6bAAPZnb9_o4syyOmZszKi1g&u=%7CwEhugyb8jFDr3HVGyXFdzLdTfDFmH4GeVDqPY90fyjA%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgsEYLRTC0XW27L2_tjl6erqA_RpXvp0RC7XZ7_cIKQqepYZXd-bwIUb37rm72rRyJBaPcqbJw6fP62_7pfxow5glAfKZJrQtWgp6YQMvWjmRkzgg-S-TOyRSbwrM8ec4p9Ll5at910H6tOgyG3oupnqvW7PyG008z4ROTmLMX0M7hDaqOwoGewJeuAk9HW3Zyz2ZDqfjxJvQbh5yYU-eF5Jzwt16UwyWq0fo3Lms0KiD6ZboIMYhQ0lPGlkNAV6xjMkcS7ACNiAAShlS535jJ-X-oODrew2zsMi7ujA-JYK26TkFL328f2-HkdGZKWsQIbO4xrmRdlSyHxfKBdEzAU_MUCeQEna01psQvyABL15JlC97FWe5pFukIcanTQfyvcVn6YEmTXNN8-6bhc9ZYMvzsXhlUGG28aTmeYGIFc9d3IOLGoNWm8cTc4hjdK_uWHeNji3C_a9RatxUT9-4DjjqJEsbUs3OhMtsN2X5SfUUcQ89t6C4MGI6QEM-_AVXTB-m7TBmJNkCPXcKPFcmRtNKsBScKQgn3H_yz8HMNTGPPWApMTSoy-TifwjQ-Y9bC5m45sFjXE_1t0QN4HjWIcJ-Y-BjpvjPkdJAp2ggzkf8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnZgWTOgdZdzeCpv97_UPnbOPsALJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgT9AU_Q4-KTbhJiFecd0V5Wfq79A6tSYPC7At7bPuoRv4LkF7AvFf_apvA5jf5oAnNCIFL93kLFU6i49yYz0fjTmVoGeOxiMcw4QAXxVR-2V7U2CJnOKneqgYW1n0uCf00AzzIQQtXYNWnSGhFT6LzhtIIkFTrCMNVrpJQI-NO0VixUBv3uBNybFYfOdVC2iknlhKBmfUbFRCa6I6YZYXRO5PjFfX9xJJQF_JpJ1GEtxT3mYGb7yhGbSbeYj-Sk1X-OX5djuhU3RYmfVq_mjZhDMVuUHUtBem5Nqmak541mqAH8G0h_JZmLq3tZNQNxlOEBRPPpoIuiDHMUYWPYZRHgBAGABsea89eL-c35a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2AHXRie0DNWr8k_pC-uotiyJlN6g%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 6152E1BF6E162E9B9F4E5D47B1F91DF2
Requests: 21 HTTP requests in this frame

Frame: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 6FA14DEA25CE5D704B6F7F49B9758D10
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696458828493&bpp=682&bdt=428&idt=946&shv=r20231003&mjsv=m202309291101&ptt=5&saldr=sd&is_amp=1&correlator=583&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1386143446&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44803794%2C44804173&oid=2&pvsid=1972462585347372&tmod=14234105&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w86e1tkc4ww9&fsb=1&dtd=959
Frame ID: CDC9656C1D4156C7059F256749903778
Requests: 15 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR3oTAAOg9UH_YyzAAsHjhTgrqqxp-tilG1l2w&u=%7C%2FSmEAsPfp0fYPF90H8BwuOBXukDr46wxTVlERoIRa5s%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBExYQ9MR0Jvm_bL0lQkEdhsw4FL--jOhcXvZRNo981STF9r2eHLKVNUfnwh44BWvWD04Cb5r2NQY7T0ESMYtNdDyRVDtavcEk2nZ-A3tsk9W4Ku4aKa7p6mn9_fmY2si2xOQv_Rt9Hj_9ziQTwazNfi-tHUmNjRDmki7RZgnZuMMpyxW9843jy3N5q8qgjZEEsXK-Of24ioDCLdzs1e_SeXpli_SRomOmfpqzRPm48cLccmtUvnBDQ7CULyNNYGbfBzCcRp9LeFBfKUm6gpyfShXwFXRoMc6cvb-pFjPNgxeLrgzgqiDeOhrSAxkGB8LyVLmNv2Xn6NP2zB9Xz2Duunje3t8qBvLWF-1j8NNOXeGCsz-cELMPEsmb2dG7JfQDkg_ZQge_R6kP3FBhQQYoTyQrwIvYEVKz6jaEE7-LfoAeMJJLN_xNjKYTmgvA8RKF871_VDDxaQlXeLRqlhkAcRVpG8A7EGrydqX0ZJk1goyuSfvHVo7-OXKx6bBgqEGPI9VNUqY-ZPafuoR8yyoVEUZC9thfc4G9Z6PZ2Kh-eazaNlP1ZJ7TVUqblqbnZ407sgTi6Zw--TS6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh-AwTOgdZdWHOrOZ9u8Pjo-s6ALJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgT8AU_Qn4cl27WCdDMYblYb_f0-W2HnKqejg8Y4y7b_HH479cWhgchmaWfS9KV_mJpS9vOVyIPJrlJLZWO1Rx0TEK8r6XUBDVRsy91SgKrcNDE61SOcUI3fMaaHpyvseRpTCA8ftYtgZ7jfIEFsQ9h1UPyZ3kZl3vxvy-D5h1xI_aKUTzogTDV4V4RS84sE7yJlACMcLGofVNZoIrTPZm039o98cW9rivj225-hEB78ljSFAv-cNcXNkwbIgKjBQvg2Gw9qfuqGfX942iQcLj4l0lH-2FKdCvKps92Zry6JTQzYsvUB8gx7CU5ipKUTlWL5g7dif65g-Toy0uHvC-AEAYAG59C6h_zX6_pFoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3mHaK3doYzY71ECcd4lCNVC936ng%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: D17E0C41C1C4B5C5260BBFA2FC12BC53
Requests: 12 HTTP requests in this frame

Frame: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: EF488ECDCAED958C7FA288591D1DFC26
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=87408
Frame ID: C4302F924AE73780039A5A11CD3E0211
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjBvYjGATAB&v=APEucNVmTB7zH32m40knOGx8yjmGKgTRlNeNs4TQb6CqZZEct04JA-_a1x9o5S0Faa5eablwyWB2cNEEkxvi_Vz84yHzRj8CRA
Frame ID: 586FCFBB78EAE353185EF150D2FF25F0
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6D2494D366AAEF1C7F7E75E3C4F49FD4
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696458830860&bpp=110&bdt=1173&idt=253&shv=r20231003&mjsv=m202310020101&ptt=5&saldr=sd&is_amp=1&correlator=583&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1386143446&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42532335%2C31078488%2C21065724&oid=2&pvsid=3560551974905802&tmod=1630890057&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.go2hh5yilrbg&fsb=1&dtd=269
Frame ID: 8E640DDE0CD7399D6419C2C768EB168C
Requests: 19 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=85077
Frame ID: C5F1583077C9D2911D0487151939B0CF
Requests: 1 HTTP requests in this frame

Frame: https://hal900030.redintelligence.net/request_content.php?s=35649500001962104438268012468030&a=81e7fde4
Frame ID: A8DA899779C0ACD53F61598E2BF59ABF
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 07F97DD51B62CD3D01A2C08AE086D62C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ1oLRAhjT_Mr0ATAB&v=APEucNXuHZMSEgjmP0MwG9LSgaSwjAzy7hBaCM5SMZMmEBHwmsM7kDIB9Xp0ehnMQk-EoKmWFerBzQvc1SQR5En8GaIlhLW-Uw
Frame ID: 0173902B5DA13F5B423AEAB0B6920732
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ADCE865048BAA461934169764BFCA3BB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 778B496A18304D7E8AF3A3BBD6FDF9E2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8822C11892C11F40EB7EBB286A66CC6F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1CCE979A5EA60CB9A23EF695733E4D3A
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7224228829127448257/index.html?e=69&leftOffset=0&topOffset=0&c=Hb8KsGDC0W&t=1&renderingType=2&ev=01_250
Frame ID: 4A8626776A28C62BEBFFFFA58BB3CD5F
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Frame ID: 0C0C4AEB8D21B9A8B5C07733DFF248C7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AB7C7C9EDF4142321D3A7C82D6751BF6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6C90B87F789B06109C951B441DE8CCAB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🍉西瓜卡通

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

369
Requests

94 %
HTTPS

40 %
IPv6

37
Domains

55
Subdomains

42
IPs

9
Countries

7542 kB
Transfer

13215 kB
Size

33
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cn.xgcartoon.com/
Title: 简

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 169

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=851643c0-5957-4037-ab9c-74b3c57fb800&bidId=15000&bidderId=4&cmExpId=V5&oAdUnit=11730374&publisherId=250152235&rId=40aafa1c-66c1-40d1-93ec-13c73eeaa07d&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D7a01c2d6a6624f869646da6b3295691b%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=391358&trafficGroup=gevcyryvsg_pcz&trafficSubGroup=tqcecnff&aid=4059363185791368160480-83&wp=0.025 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7a01c2d6a6624f869646da6b3295691b&SNR=1&GV=2&med=10

Request Chain 177

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=47e8ac78-37a6-4609-af5e-1358a5583aa7&bidId=15000&bidderId=4&cmExpId=V5&oAdUnit=11730374&publisherId=250152235&rId=712dd9db-7836-4b82-9873-8411b762d2b1&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D6132b70b7513455ab1be337ca38d35d1%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=391358&trafficGroup=gevcyryvsg_pcz&trafficSubGroup=zhvqfryarj&aid=3666279746481136584942-83&wp=0.084 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=6132b70b7513455ab1be337ca38d35d1&SNR=1&GV=2&med=10

Request Chain 278

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG8VbDZkeLf6F7sdsLGB3A&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG8VbDZkeLf6F7sdsLGB3A&google_cver=1&C=1

Request Chain 279

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZR3oT2HkGUjj0U..cXbfcQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG8VbDZkeLf6F7sdsLGB3A&google_cver=1&google_hm=2

Request Chain 291

https://hal900030.redintelligence.net/request.php?zone=ykuzho0n7xq0&nw=20&renderingType=javascript&namespace=a1e2f78d1f&subid=&uid=ad0aa20d535ee8b7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYlbdTegdZZ2yHr-e78EPm4-emAORwdCbabvpg5LcD_AuEAEg08vOMGD1lc6B4ATIAQmpApogfz3PnrE-qAMByAObBKoE6gFP0C-PwH-Eyp8hGmN5-ZfOHK-zG8NpLXHzWRCzlYAQZcYj4H7rDcNRqV2sRdzJ8cwYY2B0E32dsqcG4JEV5QI88AircMNGi1L_Eyqgf1IcunPsUREDMacTq4htu2ustZBuyVecz4hMd0DKIH4R4K0nhX7-1XUOS7wVMl4Wrgyc2QKXPeo34uAB90ljG6NndNt13eHWGdzxU32CAzIkB-6D60_BknGC6X2pF3BRHwAY7Wo_l-YCsslij34Q-sQyVIh5V7K92V35K9sTMVq_AqDCL6hasAjj9K1fyIGisUKnNBSfms24emmMqNTABPrGi478A-AEA4gFwd6i-D2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI3Yyiz7ndgQMVP887Ah2bhwczEAEYASAAEgJAHfD_BwE%26num%3D1%26cid%3DCAQSKQDICaaNmHPrtjMbpsgF3AfUL68A0yviSfyaRjV1Jym4KM67POUav2BtGAE%26sig%3DAOD64_07a6ywXoqTQKrw8wMOqhUaSAFgPw%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Bx59cMV7nTr48fAxfzd6kj4JrGFzzUemZWCnjFejeArzDSnKeYGBf7krmbPaGiqv5JkXpJCz8dbb9xcdGfzA9bGCv1BpDGK1ZCy0QJnpYVv-e8lRXdykuRTcIkkWsqbhr82IvhA8lb8cHZq1Xdrs6Z1tsXTqC0vUnthPTdnBFGNOVRO7k%26cry%3D1%26dbm_d%3DAKAmf-AwM9Y1fhZPkV2uPcBUxDoWUSz3AaLLcuvAcRXkugqLP-wX-LeJJsTMSaAkq2t-rmN0_5ejayVjI9qGY4T637YEUp2e47iq4YuUGesHKz1aTUjQEOoYL258WN8CTFWImSgWUVJgg0Ee8yXUa8sp6jsDkuEb9PUTaB4oWC_lEjmLHFugYh73iSsZt77EJLOsect3r2sgQOTB2f5JwwC-_51tZ5onfOc6fvd30dygQvyrncoa8RokDPwZbsdJwAThvpKf1kkLgoMbrJoRyv79yHM8hDBLx1JFFkzFqqDH9Ie1iLP1SWoI5Wwk62B7rUdB39KjQ8vpvrQtddDoM-_n20_KGuyMKBnZkTp0OqQV2hulxlIaxb8BxLfiC74cm4D74ECxpOXPYT6-pGsYCdQ6S-Ocka3MPcXWLdFv06JeodjYPK0WwZwVwkVysOMSHD7_Dm8Roh9RKvXAzix5oPEWJjLVyUK2wV8SI2p0ntjMM7G_wMosgsrviLALUSwpQv2VUQPI2FKRkwOakqXg9wduYfOAAlibovVNj3aplrkQ0wfUsghq8Pc%26adurl%3D&documentReferer=https%3A%2F%2Fbbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2Fbbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=3930769775539&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal900030.redintelligence.net/request.php?zone=ykuzho0n7xq0&nw=20&renderingType=javascript&namespace=a1e2f78d1f&subid=&uid=ad0aa20d535ee8b7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYlbdTegdZZ2yHr-e78EPm4-emAORwdCbabvpg5LcD_AuEAEg08vOMGD1lc6B4ATIAQmpApogfz3PnrE-qAMByAObBKoE6gFP0C-PwH-Eyp8hGmN5-ZfOHK-zG8NpLXHzWRCzlYAQZcYj4H7rDcNRqV2sRdzJ8cwYY2B0E32dsqcG4JEV5QI88AircMNGi1L_Eyqgf1IcunPsUREDMacTq4htu2ustZBuyVecz4hMd0DKIH4R4K0nhX7-1XUOS7wVMl4Wrgyc2QKXPeo34uAB90ljG6NndNt13eHWGdzxU32CAzIkB-6D60_BknGC6X2pF3BRHwAY7Wo_l-YCsslij34Q-sQyVIh5V7K92V35K9sTMVq_AqDCL6hasAjj9K1fyIGisUKnNBSfms24emmMqNTABPrGi478A-AEA4gFwd6i-D2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI3Yyiz7ndgQMVP887Ah2bhwczEAEYASAAEgJAHfD_BwE%26num%3D1%26cid%3DCAQSKQDICaaNmHPrtjMbpsgF3AfUL68A0yviSfyaRjV1Jym4KM67POUav2BtGAE%26sig%3DAOD64_07a6ywXoqTQKrw8wMOqhUaSAFgPw%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Bx59cMV7nTr48fAxfzd6kj4JrGFzzUemZWCnjFejeArzDSnKeYGBf7krmbPaGiqv5JkXpJCz8dbb9xcdGfzA9bGCv1BpDGK1ZCy0QJnpYVv-e8lRXdykuRTcIkkWsqbhr82IvhA8lb8cHZq1Xdrs6Z1tsXTqC0vUnthPTdnBFGNOVRO7k%26cry%3D1%26dbm_d%3DAKAmf-AwM9Y1fhZPkV2uPcBUxDoWUSz3AaLLcuvAcRXkugqLP-wX-LeJJsTMSaAkq2t-rmN0_5ejayVjI9qGY4T637YEUp2e47iq4YuUGesHKz1aTUjQEOoYL258WN8CTFWImSgWUVJgg0Ee8yXUa8sp6jsDkuEb9PUTaB4oWC_lEjmLHFugYh73iSsZt77EJLOsect3r2sgQOTB2f5JwwC-_51tZ5onfOc6fvd30dygQvyrncoa8RokDPwZbsdJwAThvpKf1kkLgoMbrJoRyv79yHM8hDBLx1JFFkzFqqDH9Ie1iLP1SWoI5Wwk62B7rUdB39KjQ8vpvrQtddDoM-_n20_KGuyMKBnZkTp0OqQV2hulxlIaxb8BxLfiC74cm4D74ECxpOXPYT6-pGsYCdQ6S-Ocka3MPcXWLdFv06JeodjYPK0WwZwVwkVysOMSHD7_Dm8Roh9RKvXAzix5oPEWJjLVyUK2wV8SI2p0ntjMM7G_wMosgsrviLALUSwpQv2VUQPI2FKRkwOakqXg9wduYfOAAlibovVNj3aplrkQ0wfUsghq8Pc%26adurl%3D&documentReferer=https%3A%2F%2Fbbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2Fbbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=3930769775539&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 299

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEF0dVIB0Vr3X2SPz0QTp0-o&google_cver=1&google_push=AXcoOmTo2pvCHhKRgK2PvQ9PeswY34hAsPzwWN42UtZXm-MH4AoyF8v7zV0Ld5bz05D-xiw-noDB6mwuu8LJ31v1m6lx_fgBxZk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF0dVIB0Vr3X2SPz0QTp0-o&google_push=AXcoOmTo2pvCHhKRgK2PvQ9PeswY34hAsPzwWN42UtZXm-MH4AoyF8v7zV0Ld5bz05D-xiw-noDB6mwuu8LJ31v1m6lx_fgBxZk

Request Chain 300

https://fksnk.com/cs/google?google_gid=CAESEOZC3kssE-jqLpfPURvN26o&google_cver=1&google_push=AXcoOmQ7QrLMzyy35KgJmnuQEQGH8lnXF1JcRg6otFWcd2iVJ4LM1JSI8k7I5hzhd8IlwgWXEzGUAl4taZxTFRBouzfiidB9PA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NjhGOTUwN0FFRkI1NzQ1OQ==

Request Chain 301

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEPDkhQOXRRN9bd9CMF5-hNo&google_cver=1&google_push=AXcoOmSymfWQfrJZXBKLNptrdXBK2GGBmpQs_pisnRpTvMkCapXzWXWwDsp-gftANDxD1wfDS4-J8kTz7JmZtdbgsPbqIdI4tuM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=836212460386&us_privacy=1---

Request Chain 303

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELwFkGdkmEw3vEBjIbuMilw&google_cver=1&google_push=AXcoOmSoPGNMs31QoGOkwL78V1W_T7TYoOVyzRvV0GO2IW973Ztihk-R41Q6o3D2bNvxfpR8km9pkeLayAOzUvIwylnISKHlncw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELwFkGdkmEw3vEBjIbuMilw&google_cver=1&google_push=AXcoOmSoPGNMs31QoGOkwL78V1W_T7TYoOVyzRvV0GO2IW973Ztihk-R41Q6o3D2bNvxfpR8km9pkeLayAOzUvIwylnISKHlncw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMzMjE3NjM4MjM2MjUzOTc1MQ&google_push=AXcoOmSoPGNMs31QoGOkwL78V1W_T7TYoOVyzRvV0GO2IW973Ztihk-R41Q6o3D2bNvxfpR8km9pkeLayAOzUvIwylnISKHlncw

Request Chain 304

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIQwc-AaNhhQS50lh43xeks&google_cver=1&google_push=AXcoOmTRhLuNGrIA28lwOghDdDYbIYHtn-qUlpjf2_cLXmkCoZ3T3OGYR_kkzTQ2q2lciQodmFuBua0O5WSBLFnm0EGJbrgNIcw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTRhLuNGrIA28lwOghDdDYbIYHtn-qUlpjf2_cLXmkCoZ3T3OGYR_kkzTQ2q2lciQodmFuBua0O5WSBLFnm0EGJbrgNIcw

Request Chain 305

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEOvOruEKU-CoG1HocJJcc2c&google_cver=1&google_push=AXcoOmQHExE5c10dWHYrDnBuJ1A5E2IJDhtosy4TMUH0KQA8XTf1dmcmgNqUlGu1ONo0EHXlyA0kxJAMoWx-UQvXEOvyggSsXvgf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQHExE5c10dWHYrDnBuJ1A5E2IJDhtosy4TMUH0KQA8XTf1dmcmgNqUlGu1ONo0EHXlyA0kxJAMoWx-UQvXEOvyggSsXvgf&google_hm=Nzk3NDMzNDQ2NzEwMzk5NzI5OA==

Request Chain 318

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOSVpWATmxv9wcNyIZ7HGJc&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOSVpWATmxv9wcNyIZ7HGJc%26google_cver%3D1

Request Chain 319

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQxODU5NDkyMjc5MDYzNDk3MA%3D%3D

Request Chain 320

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENga1qu_HnIbse7ZRS1ZUx0&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENga1qu_HnIbse7ZRS1ZUx0&google_cver=1

Request Chain 321

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDlhYWM3YjAtODEzZS0yNzk3LWViMzQtOTRjYjIzMjI0ZTcx

Request Chain 334

https://um.simpli.fi/gp_match?google_gid=CAESEJnUQJqbwbs1qpt1AXjxGj8&google_cver=1&google_push=AXcoOmTOHmHGMWEkUuCxRjPEByHNhjyTV2YlhsXEQhApnf2o-x1HHFh5vOiEdeyvS7wAX1CAXvllyynnZl3EoIs_ImpNkxsv4t3q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0849F6E82AC7407A98D7BA082E9E2729&google_push=AXcoOmTOHmHGMWEkUuCxRjPEByHNhjyTV2YlhsXEQhApnf2o-x1HHFh5vOiEdeyvS7wAX1CAXvllyynnZl3EoIs_ImpNkxsv4t3q

Request Chain 336

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFnVQN6k86BYOvnaeZKU8Ds&google_cver=1&google_push=AXcoOmRN1Ah_CCD0_U39Vls59B9_2of1CUIJpH2Zz23nxTHDDvCkPZWOmrhr_ZSS-8bTiVhA_nPixNlMqnbv4LkWkc-gGEgq6GHa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRN1Ah_CCD0_U39Vls59B9_2of1CUIJpH2Zz23nxTHDDvCkPZWOmrhr_ZSS-8bTiVhA_nPixNlMqnbv4LkWkc-gGEgq6GHa&google_hm=eS1yQ3ZfQWdKRTJwRTFrSTQwUGZaWC5nQmZCWDZuc0xNQn5B

Request Chain 337

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHJeHFyokNbYdOnsNz6150Q&google_cver=1&google_push=AXcoOmS_lxAUAqtOXai5dWKrsHheBrv6pbby_UUxZ90MuFqN7YEuGybe6LqlnFEFz3_cWwbyCbdHArTk_aZrwxzZGauZa62qDWXe HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5DQlNDQlotMVQtSE5MMQ==&google_push=AXcoOmS_lxAUAqtOXai5dWKrsHheBrv6pbby_UUxZ90MuFqN7YEuGybe6LqlnFEFz3_cWwbyCbdHArTk_aZrwxzZGauZa62qDWXe

Request Chain 338

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEBsajWBEvGFegpjjEHflc-A&google_cver=1&google_push=AXcoOmQvBV7ijOufdYsTsaKiQ1HJ7oW7RRq5-hKSHgeW9xMjuySA8uvuKQcCcunDxr0Bz_V0nnbVeZw5dI1FBngarU8UJu-VdB82 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQvBV7ijOufdYsTsaKiQ1HJ7oW7RRq5-hKSHgeW9xMjuySA8uvuKQcCcunDxr0Bz_V0nnbVeZw5dI1FBngarU8UJu-VdB82&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1696458831969 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f1ee9452-3b34-417b-b572-ae1fa9f172b8-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQvBV7ijOufdYsTsaKiQ1HJ7oW7RRq5-hKSHgeW9xMjuySA8uvuKQcCcunDxr0Bz_V0nnbVeZw5dI1FBngarU8UJu-VdB82%26google_hm%3DA_HulFI7NEF7tXKuH6nxcrg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQvBV7ijOufdYsTsaKiQ1HJ7oW7RRq5-hKSHgeW9xMjuySA8uvuKQcCcunDxr0Bz_V0nnbVeZw5dI1FBngarU8UJu-VdB82&google_hm=A_HulFI7NEF7tXKuH6nxcrg

Request Chain 339

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDE6HGwuKcskgZSUvInpxPk&google_cver=1&google_push=AXcoOmQjbS9dzwTKF-JIxvNLroso0lGqMaEXlcJk4btCveiz8q7hk9tQ5ib3Fxsyo0F1KyAMAH_AJrEbCAcNyDbSOlSiIC9UzsA HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQjbS9dzwTKF-JIxvNLroso0lGqMaEXlcJk4btCveiz8q7hk9tQ5ib3Fxsyo0F1KyAMAH_AJrEbCAcNyDbSOlSiIC9UzsA&google_gid=CAESEDE6HGwuKcskgZSUvInpxPk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUyOTM5NDk1MDk5OTA0MjU3OTQwMw%3D%3D&google_push=AXcoOmQjbS9dzwTKF-JIxvNLroso0lGqMaEXlcJk4btCveiz8q7hk9tQ5ib3Fxsyo0F1KyAMAH_AJrEbCAcNyDbSOlSiIC9UzsA

Request Chain 340

https://sync.inmobi.com/gob?google_gid=CAESEMOdyNlEeAsv9Yy5bsofDbc&google_cver=1&google_push=AXcoOmRwB83fSnXi6xHcJsUXn-sKc78MACYL59qoMTxe7Ub7nWOUDRJBWBSqPPhLH3du8mnLP2Ps7FSrXK-P7mwCxGOE_dKo3r318Q HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRwB83fSnXi6xHcJsUXn-sKc78MACYL59qoMTxe7Ub7nWOUDRJBWBSqPPhLH3du8mnLP2Ps7FSrXK-P7mwCxGOE_dKo3r318Q

369 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.xgcartoon.com/ 186 KB
30 KB 779ms
382ms Document
text/html 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4101bd33cfcc02108ba359ee9188137f3b1c1b5d78eb1020a8d130ce72f74bf8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=180
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 04 Oct 2023 22:33:45 GMT
etag: "2e9f1-cnTA098qOQK/QjGSeEvpMW6iCrQ"
expires: Wed, 04 Oct 2023 22:36:45 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 141ms
46ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8756d3367261f5dfcbef03be86fb4b956f889917fbdd3b72c300d8e1dcdc5f47

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 04 Oct 2023 22:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73066
x-xss-protection: 0
server: sffe
etag: "1743d73101b212e4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Oct 2023 22:33:45 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
23 KB 163ms
69ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c7c5c90a9ea184b7ae122746634b34b95b904cdf18701bcefe47281bdf3fb2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 04 Oct 2023 22:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23163
x-xss-protection: 0
server: sffe
etag: "d8f4281da4b1dc01"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Oct 2023 22:33:45 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
10 KB 111ms
28ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0696014ac23d674aec0b644c215635727fc3ff4b972cf9052c7bbd0b774a92

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 04 Oct 2023 22:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9444
x-xss-protection: 0
server: sffe
etag: "5bf0e0624f55a936"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Oct 2023 22:33:45 GMT

GET
H2 200 amp-base-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 33 KB
9 KB 165ms
82ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-base-carousel-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b03eb793ad3884af30b2cb190ceaaac8c06e276ef3ba8428cabc28cd0f14838e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 04 Oct 2023 22:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9128
x-xss-protection: 0
server: sffe
etag: "ddcff305d31dfbf0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Oct 2023 22:33:45 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 49 KB
15 KB 146ms
63ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e470390154e5bd03688cdda3929ea08912e3c0df3381747417b2b2695c11e6f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 04 Oct 2023 22:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14972
x-xss-protection: 0
server: sffe
etag: "986ff7f2a28ce823"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Oct 2023 22:33:45 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
15 KB 116ms
33ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46fac2c4f85a6f77b7b855a38edd6da4af8721ba0b7bab73d0bc60347fdbd3e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 04 Oct 2023 22:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15366
x-xss-protection: 0
server: sffe
etag: "b81709c9fc647cf4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Oct 2023 22:33:45 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 53ms
30ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2dff3c8538006a5ab7304fbdd0eef49b25077b7ba5faabcae58da42f42b1f8b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 04 Oct 2023 22:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10339
x-xss-protection: 0
server: sffe
etag: "3b1d1db9601b03a8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Oct 2023 22:33:45 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 63ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed68f0e80b7fdede2ae7235b2ae1ce179d07fa64513658d7ac9f65a5f12d623c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 04 Oct 2023 22:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32179
x-xss-protection: 0
server: sffe
etag: "9396582ced18d109"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Oct 2023 22:33:45 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 51ms
28ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85807e46cda1cc83ef9c5e92edaacb7ccd4fe3cf1ad8ff1975709a435853cc08

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 04 Oct 2023 22:33:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4743
x-xss-protection: 0
server: sffe
etag: "da6a9594ab3fdcdb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Oct 2023 22:33:45 GMT

GET
H2 200 /
c.statcounter.com/12916097/0/c55d9f9f/1/ 49 B
470 B 246ms
161ms Image
image/gif 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:45 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray: 8110e36b5f37bb53-FRA
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 logo.png
www.xgcartoon.com/img/ 13 KB
13 KB 211ms
202ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/logo.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:45 GMT
last-modified: Sun, 28 Aug 2022 14:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"3473-182e4ca3706"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 13427
expires: Wed, 04 Oct 2023 22:36:45 GMT

GET
H2 200 stay.png
www.xgcartoon.com/img/ 128 B
325 B 210ms
201ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/stay.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 14c55deaf7ebe64eb047f2deeff0f12615193ff170e0693bebd2b51991751bf0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:45 GMT
last-modified: Fri, 02 Dec 2022 17:11:13 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"80-184d3d21b68"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 128
expires: Wed, 04 Oct 2023 22:36:45 GMT

GET
H2 200 up.png
www.xgcartoon.com/img/ 232 B
428 B 209ms
201ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/up.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 13e6a7a86b66aec6cc0cf1441a042fa7beaedbab5dc996b0341301518a1f55af

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:45 GMT
last-modified: Fri, 02 Dec 2022 17:10:45 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"e8-184d3d1ae08"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 232
expires: Wed, 04 Oct 2023 22:36:45 GMT

GET
H2 200 down.png
www.xgcartoon.com/img/ 266 B
463 B 211ms
203ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/down.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2661dcb6bfa9b71c39c54788bde5ea88003db9f7384c04e66d6f7926fdba8894

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:45 GMT
last-modified: Fri, 02 Dec 2022 17:11:00 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"10a-184d3d1e8a0"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 266
expires: Wed, 04 Oct 2023 22:36:45 GMT

GET
DATA 200
OK truncated
/ 1 KB
1 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa3ecba51fcbe3806a57d12638c9e2760902fef8faa7bfc5b4e0214ed36848b7

Request headers

Referer
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H2 200 daxiaojiehekanmenquandaxiaojieyukanmenquanriyu-chuchun.jpg
static-a.xgcartoon.com/coverw/ 5 KB
5 KB 124ms
36ms Image
image/jpeg 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/daxiaojiehekanmenquandaxiaojieyukanmenquanriyu-chuchun.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cf8320abe90f0b566bbb7997c1d5269403a16be82145d4935efd96c369878f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sat, 30 Sep 2023 08:19:42 GMT
server: cloudflare
age: 190334
etag: "06A0B0309BA981980693FF16BB713B42"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ad148ffb-FRA
content-length: 4716
expires: Tue, 03 Oct 2023 08:31:25 GMT

GET
H2 200 xiangdangmaoxianzheqianwangdoushidenverchengweisjixiangdangmaoxianzhedenverdaodadoushidangledengjisdemaoxianzheriyu-mensishijia.jpg
static-a.xgcartoon.com/coverw/ 88 KB
89 KB 153ms
66ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/xiangdangmaoxianzheqianwangdoushidenverchengweisjixiangdangmaoxianzhedenverdaodadoushidangledengjisdemaoxianzheriyu-mensishijia.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10e358711eab7bbdacde3e4d3eb925d04438f07358f0dad5d22a8818fc9771c7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Sep 2023 08:22:05 GMT
server: cloudflare
age: 190334
etag: "20979B22CCCCF2F971F5EA653CDD5998"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ad168ffb-FRA
content-length: 90509
expires: Tue, 03 Oct 2023 08:31:25 GMT

GET
H2 200 zangsongdefulilianzangsongzhefulilianriyu-shantianzhongren.jpg
static-a.xgcartoon.com/coverw/ 16 KB
16 KB 153ms
67ms Image
image/jpeg 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/zangsongdefulilianzangsongzhefulilianriyu-shantianzhongren.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ef4d8e305ba6d28a0b9efb307e16112274ace9cbc43c0a760913eb9a0881c30

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sat, 30 Sep 2023 08:24:34 GMT
server: cloudflare
age: 190335
etag: "EE150326E2ECFC4798E42590D0D49BD4"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ad178ffb-FRA
content-length: 16110
expires: Tue, 03 Oct 2023 08:31:25 GMT

GET
H2 200 shoulongrenlagenaragna_crimsonriyu-xiaolindashu.jpg
static-a.xgcartoon.com/coverw/ 10 KB
10 KB 153ms
66ms Image
image/jpeg 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/shoulongrenlagenaragna_crimsonriyu-xiaolindashu.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ea7fca64b1f5e4f08b3a996a528b5cb1d3305956dec7502ee9c4f59f1c8762e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Mon, 02 Oct 2023 08:10:12 GMT
server: cloudflare
age: 190334
etag: "FD3AC5333F8DC9ED14A57DF2658F75A1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ad198ffb-FRA
content-length: 9975
expires: Thu, 05 Oct 2023 09:44:33 GMT

GET
H2 200 lieyanxianfeng_jiuguodejuyixiaofangyuantesouzudawu_jiuguodejusebuduiriyu-cengtianzhengren.jpg
static-a.xgcartoon.com/coverw/ 54 KB
54 KB 152ms
65ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/lieyanxianfeng_jiuguodejuyixiaofangyuantesouzudawu_jiuguodejusebuduiriyu-cengtianzhengren.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa1f27152e0d87361b0db046cae89137d3f1be8c804a2b77885e2c2ca1c8425

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 08:17:03 GMT
server: cloudflare
age: 73730
etag: "3B5E13E18911DA3FA9DC123A1FB1B960"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ad188ffb-FRA
content-length: 55378
expires: Thu, 05 Oct 2023 09:44:33 GMT

GET
H2 200 duizhangxiaoyiriyu-gaoqiaoyangyi.jpg
static-a.xgcartoon.com/coverw/ 84 KB
84 KB 153ms
66ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/duizhangxiaoyiriyu-gaoqiaoyangyi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 505587c1162ef2d4af495312c860628d42fdd2b3f5536834468b6c7ed186f070

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 09:17:03 GMT
server: cloudflare
age: 190334
etag: "9A55809126B6D6B5EB739038022074EC"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ad1a8ffb-FRA
content-length: 86154
expires: Thu, 05 Oct 2023 09:47:40 GMT

GET
H2 200 overtakechaocheriyu-gaoshan.jpg
static-a.xgcartoon.com/coverw/ 54 KB
54 KB 143ms
64ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/overtakechaocheriyu-gaoshan.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 521f6fc33d7ede7524e5263c613a5db8df62c4a73a16a8147fdb385a88ec5350

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 09:20:45 GMT
server: cloudflare
age: 190334
etag: "2C1FAA685607ABAD7AE0057667AAFFCF"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ad128ffb-FRA
content-length: 55610
expires: Thu, 05 Oct 2023 09:47:40 GMT

GET
H2 200 aotumonvdeqinzirichangaotumonvdemunvgushiriyu-jitianmeihe.jpg
static-a.xgcartoon.com/coverw/ 69 KB
69 KB 115ms
37ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/aotumonvdeqinzirichangaotumonvdemunvgushiriyu-jitianmeihe.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ce64723f400800084733cca3c44b432a1e33fe5df837915a477dab99dea9152

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 09:26:34 GMT
server: cloudflare
age: 190335
etag: "575242576A34933AC4A524902C85872A"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ad138ffb-FRA
content-length: 70628
expires: Thu, 05 Oct 2023 09:47:39 GMT

GET
H2 200 xianniguoyu-qieyingshi.jpg
static-a.xgcartoon.com/coverw/ 67 KB
67 KB 85ms
80ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/xianniguoyu-qieyingshi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a07f94f78fcb975d14e5fdeaa4ec9b9ab61db39f1c9a4e1f25e5192dbed4ac66

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Sep 2023 06:47:14 GMT
server: cloudflare
age: 190334
etag: "6D445803E4EBC61D2EA248F6315EFC57"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed2f8ffb-FRA
content-length: 68375
expires: Tue, 03 Oct 2023 08:31:25 GMT

GET
H2 200 douluodalujueshitangmenguoyu-tangjiasanshao.jpg
static-a.xgcartoon.com/coverw/ 34 KB
34 KB 76ms
72ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/douluodalujueshitangmenguoyu-tangjiasanshao.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8df097eb502b12dd12e333baa8591c98e2b9d27818950a592b26a358b4da388f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Jun 2023 06:53:13 GMT
server: cloudflare
age: 190334
etag: "851287CCAEF3FED37001F80B05F572AF"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed308ffb-FRA
content-length: 34481
expires: Tue, 03 Oct 2023 10:11:37 GMT

GET
H2 200 duoxuanshiduoxuanshizhijuexingguoyu-qieyingshi_mandaowenhua_tengxundongman.jpg
static-a.xgcartoon.com/coverw/ 9 KB
9 KB 78ms
74ms Image
image/jpeg 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/duoxuanshiduoxuanshizhijuexingguoyu-qieyingshi_mandaowenhua_tengxundongman.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e287f4e2fc69b929018a8e9cba1ab6dc875ac786d1387534a1e9fe151fc5f61

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Tue, 04 Jul 2023 21:03:27 GMT
server: cloudflare
age: 190334
etag: "9BA0751A468266A29B7B69857E08BDAA"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed318ffb-FRA
content-length: 9180
expires: Wed, 04 Oct 2023 05:30:09 GMT

GET
H2 200 diyixulieguoyu-huishuohuadezhouzi.jpg
static-a.xgcartoon.com/coverw/ 9 KB
9 KB 76ms
72ms Image
image/jpeg 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/diyixulieguoyu-huishuohuadezhouzi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d485457bcfd0dbd54d98759be159d53077d163df9978a1de8608092a06c244a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Wed, 02 Aug 2023 11:36:59 GMT
server: cloudflare
age: 190334
etag: "B5FE7CEAA28E35C7C96DBE9ED1BF5FAC"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed328ffb-FRA
content-length: 8728
expires: Wed, 04 Oct 2023 05:09:37 GMT

GET
H2 200 longshidaiguoyu-yuntiankong.jpg
static-a.xgcartoon.com/coverw/ 8 KB
8 KB 81ms
77ms Image
image/jpeg 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/longshidaiguoyu-yuntiankong.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bab3e4376fdaf469aa2df0fbc4f5456d5587c8c715b7d94fd0a51d0548b55c8f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 21 Jul 2023 17:17:17 GMT
server: cloudflare
age: 190334
etag: "8D5BB8743EA381E4B532A95F5484B802"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed338ffb-FRA
content-length: 7827
expires: Wed, 04 Oct 2023 05:36:11 GMT

GET
H2 200 huofengliaoyuanguoyu-chenmou.jpg
static-a.xgcartoon.com/coverw/ 64 KB
64 KB 77ms
73ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/huofengliaoyuanguoyu-chenmou.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454c4e99fa9dab2faf30bf84f27ad4e3b5ccddaa17b6a9913e5eed70da3a45dc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Sat, 06 May 2023 15:07:11 GMT
server: cloudflare
age: 190335
etag: "CD0A6F0AC5648D8C84A62D1FDCF2CF84"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed348ffb-FRA
content-length: 65086
expires: Thu, 05 Oct 2023 01:56:01 GMT

GET
H2 200 biaorenguoyu-xuxianzhe.jpg
static-a.xgcartoon.com/coverw/ 9 KB
9 KB 77ms
73ms Image
image/jpeg 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/biaorenguoyu-xuxianzhe.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52394b6f1fa52b7dd0d02befc99f8a03866e422445b1abbbc39b7d0f2e8fb665

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 01 Jun 2023 11:12:37 GMT
server: cloudflare
age: 190334
etag: "3F9E124EEA7A2B9F2F80FE61E7F1EE32"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed358ffb-FRA
content-length: 9539
expires: Wed, 04 Oct 2023 04:54:14 GMT

GET
H2 200 zhenhunjie_di1jiguoyu-xuchen.jpg
static-a.xgcartoon.com/coverw/ 10 KB
10 KB 77ms
73ms Image
image/jpeg 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/zhenhunjie_di1jiguoyu-xuchen.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3a79b61cd82d6d989bae6f653b9619eb7e81b87883eedd972b6dc39969f9374

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Tue, 22 Aug 2023 07:17:35 GMT
server: cloudflare
age: 190335
etag: "ADDDF69F48D6820F504CB98292A393EB"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed368ffb-FRA
content-length: 10423
expires: Tue, 03 Oct 2023 11:38:58 GMT

GET
H2 200 lingzunzhizi_dongtaimanhua-aiqiyi.jpg
static-a.xgcartoon.com/coverw/ 82 KB
82 KB 81ms
76ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/lingzunzhizi_dongtaimanhua-aiqiyi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c68d446f318242cb483c1404fb248a100ef152a579492b23752b4427954a096a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:23:44 GMT
server: cloudflare
age: 190334
etag: "948315BB2FB857884F1561F688E6F27C"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed378ffb-FRA
content-length: 83567
expires: Tue, 03 Oct 2023 10:11:41 GMT

GET
H2 200 bahuangjianzun_dongtaimanhua-woheningmengnai.jpg
static-a.xgcartoon.com/coverw/ 80 KB
80 KB 82ms
78ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/bahuangjianzun_dongtaimanhua-woheningmengnai.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41060dd159c926287487f50a2d8e583c8c72e6121d1f5ffdc626dc6cf6bf4efa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:25:12 GMT
server: cloudflare
age: 190334
etag: "A7D9B45ECA968201355BB03F8CB2FF18"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed388ffb-FRA
content-length: 82157
expires: Tue, 03 Oct 2023 11:38:59 GMT

GET
H2 200 chenshuiwangu_chushihengtuizhutian_dongtaimanhua-taerxisidongman.jpg
static-a.xgcartoon.com/coverw/ 79 KB
79 KB 78ms
74ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/chenshuiwangu_chushihengtuizhutian_dongtaimanhua-taerxisidongman.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad8677457876f632db38d31886a4f65dfeb50037c421ed20a9918fe60293585c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:26:56 GMT
server: cloudflare
age: 190334
etag: "189EC241E3F4BF6B48B573CFB959DA03"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed398ffb-FRA
content-length: 81101
expires: Thu, 05 Oct 2023 03:01:48 GMT

GET
H2 200 kaijuqiangwenliekounv_dongtaimanhua-xiangtianxigua.jpg
static-a.xgcartoon.com/coverw/ 81 KB
81 KB 84ms
80ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/kaijuqiangwenliekounv_dongtaimanhua-xiangtianxigua.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a343a1840f00a5db5891891069d57a2af26f4c1b80be9098252cadcca0b4e6bb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:29:40 GMT
server: cloudflare
age: 190335
etag: "441C7D9C48ADD92C56645F75112A1835"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed3a8ffb-FRA
content-length: 82987
expires: Thu, 05 Oct 2023 02:43:46 GMT

GET
H2 200 wangulongshen_dongtaimanhua-paipailong.jpg
static-a.xgcartoon.com/coverw/ 81 KB
81 KB 80ms
76ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/wangulongshen_dongtaimanhua-paipailong.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89f365a523630bea5ea3533ec5c06b7db2297d14ccf662fe90aeba69d9ac3158

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:32:09 GMT
server: cloudflare
age: 190334
etag: "39B918AEBD42D0FFC27FD6399F76C99B"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed3b8ffb-FRA
content-length: 82534
expires: Thu, 05 Oct 2023 02:12:59 GMT

GET
H2 200 wozaiyijiedeshishenzhilu_dongtaimanhua-neoman.jpg
static-a.xgcartoon.com/coverw/ 89 KB
89 KB 84ms
80ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/wozaiyijiedeshishenzhilu_dongtaimanhua-neoman.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f59a24724025aaa808fdcb5db803d2127feba310c2acf9acb0e5365b9a2b8809

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:33:43 GMT
server: cloudflare
age: 190334
etag: "68B22A30E6B66C3A18BF426483A1D988"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed3c8ffb-FRA
content-length: 90958
expires: Thu, 05 Oct 2023 03:44:05 GMT

GET
H2 200 wosongkuaidiyoushenhaojiangli_dongtaimanhua4k-chuibuqidepaopao.jpg
static-a.xgcartoon.com/coverw/ 66 KB
66 KB 86ms
82ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/wosongkuaidiyoushenhaojiangli_dongtaimanhua4k-chuibuqidepaopao.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5af2b3c44d498d4ca737d2fbc0acdc882fc81ec81afc4c1b7d8548f9b52f64a2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:35:13 GMT
server: cloudflare
age: 190334
etag: "BAB8ABA6F4F3ABBE8F4305EFABA84344"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed3e8ffb-FRA
content-length: 67545
expires: Thu, 05 Oct 2023 02:31:15 GMT

GET
H2 200 zhanzhufengzhidajie_dongtaimanhua-manshengongchuang.jpg
static-a.xgcartoon.com/coverw/ 76 KB
76 KB 82ms
78ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/zhanzhufengzhidajie_dongtaimanhua-manshengongchuang.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1917b964380fc9d01d1e73a79c4d7cd4c0e9ae2a34ae63ddbcd65cea655e9a06

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:36:13 GMT
server: cloudflare
age: 190334
etag: "7B438FF2C085D78C499DB5A0F124083F"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed408ffb-FRA
content-length: 77699
expires: Tue, 03 Oct 2023 11:38:58 GMT

GET
H2 200 senlinhaoxiaoziriyu-zuotengzheng.jpg
static-a.xgcartoon.com/cover/ 27 KB
27 KB 80ms
76ms Image
image/jpeg 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/senlinhaoxiaoziriyu-zuotengzheng.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7abe4ef543f967bd6fbc94fc40b81fd8a19428d105ba4d20d6f31783e81f74b7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Tue, 18 Oct 2022 02:11:53 GMT
server: cloudflare
age: 190334
etag: "909670C9E71ED1B7F387FB0F463E740B"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed418ffb-FRA
content-length: 27507
expires: Wed, 04 Oct 2023 05:30:08 GMT

GET
H2 200 yiqidangqian_1-7jiriyu-datianhuangyi.jpg
static-a.xgcartoon.com/cover/ 127 KB
127 KB 81ms
77ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/yiqidangqian_1-7jiriyu-datianhuangyi.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7a1f2d2b3af5842dc4b63539230c2fdfef285afd76c1304d327daa0b51cd575

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Sun, 05 Feb 2023 03:03:49 GMT
server: cloudflare
age: 190334
etag: "D12842BD1DAE25B413459A3FCFCC546B"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed428ffb-FRA
content-length: 129796
expires: Wed, 04 Oct 2023 05:30:08 GMT

GET
H2 200 shanzhangzhuonongdegaomutongxue_di1jiriyu-shanbenchongyilang.jpg
static-a.xgcartoon.com/cover/ 132 KB
132 KB 83ms
79ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/shanzhangzhuonongdegaomutongxue_di1jiriyu-shanbenchongyilang.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ed841005c6fd7c9bd183a289bb9e7bc9c7a85e90d370bfb9eb42f440b7ede73

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Tue, 30 Aug 2022 07:44:30 GMT
server: cloudflare
age: 190334
etag: "17421E25008222EDFE9BCBCEF2ADF721"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed438ffb-FRA
content-length: 134813
expires: Wed, 04 Oct 2023 06:06:35 GMT

GET
H2 200 maohelaoshutom_and_jerry_yuanbanpeiyin-migaomeidianyinggongsi.jpg
static-a.xgcartoon.com/cover/ 2 KB
2 KB 84ms
80ms Image
image/webp 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/maohelaoshutom_and_jerry_yuanbanpeiyin-migaomeidianyinggongsi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94b0aa179f9950baa8375f953ee4a03b1606d0945ff3159dafa2c8bdcbb2d59f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Sep 2022 01:41:44 GMT
server: cloudflare
age: 13516
etag: "E5E81A81EBECBC8D433B057AF25B6B0B"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed448ffb-FRA
content-length: 1816
expires: Sat, 07 Oct 2023 06:54:51 GMT

GET
H2 200 dawangbugaoxing_di2jiguoyu-shituzi.jpg
static-a.xgcartoon.com/cover/ 14 KB
14 KB 81ms
77ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/dawangbugaoxing_di2jiguoyu-shituzi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54eda68a8d6e9cf6039971639882c4b78f652fd47545a11a66bffc39df959e40

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 00:57:17 GMT
server: cloudflare
age: 190334
etag: "478FA90B6BC5A45142B686383C3AF18C"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed458ffb-FRA
content-length: 13997
expires: Tue, 03 Oct 2023 11:14:46 GMT

GET
H2 200 ququbucai_zaixiayeguaiguoyu-yuanqiwadongman.jpg
static-a.xgcartoon.com/cover/ 15 KB
15 KB 81ms
77ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/ququbucai_zaixiayeguaiguoyu-yuanqiwadongman.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a97d3325c01891167615327fef9cd173ac264f69bf526c15af006ad27f99eaf5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Sun, 07 May 2023 06:42:20 GMT
server: cloudflare
age: 190334
etag: "BEF514ECA2F8681E6F7AF4005C8CCDF2"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed468ffb-FRA
content-length: 15000
expires: Wed, 04 Oct 2023 07:41:22 GMT

GET
H2 200 yizhichonghun_dongtaimanhua-kuangshengdongman.jpg
static-a.xgcartoon.com/cover/ 11 KB
11 KB 85ms
82ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/yizhichonghun_dongtaimanhua-kuangshengdongman.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbb41d948989c5c65e69966c145618e2db14c247ba6b92a6bb7bc62eb29ad634

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 07:07:13 GMT
server: cloudflare
age: 13409
etag: "C051EEA0B9C1600DB5216E34275CEF3F"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed478ffb-FRA
content-length: 10954
expires: Sat, 07 Oct 2023 07:48:29 GMT

GET
H2 200 wuxianwangzhexiaodui_dongtaimanhua-youkushipin.jpg
static-a.xgcartoon.com/cover/ 13 KB
14 KB 84ms
81ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/wuxianwangzhexiaodui_dongtaimanhua-youkushipin.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a5e8e47f8c822a6b6949d92a6ae8666a793ba1f1a208f19b9cc696d560852cc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Fri, 07 Apr 2023 01:55:55 GMT
server: cloudflare
age: 13409
etag: "C8835D7A4279B9037D93823591E23FE4"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed488ffb-FRA
content-length: 13798
expires: Fri, 06 Oct 2023 10:27:53 GMT

GET
H2 200 xiudoumodaoshidiyiburiyu-shenbanyi.jpg
static-a.xgcartoon.com/cover/ 3 KB
3 KB 116ms
112ms Image
image/jpeg 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/xiudoumodaoshidiyiburiyu-shenbanyi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45aff63862b7a85a48741e816ce3b9fdc7e2ea725e1f5989ceb47f502381a4d2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 20 Oct 2022 04:56:35 GMT
server: cloudflare
age: 13516
etag: "F9364CF22F7C8152E974F570F4242ED6"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed4a8ffb-FRA
content-length: 2697
expires: Sat, 07 Oct 2023 06:27:43 GMT

GET
H2 200 fangyuquankaiguoyu-loujia.jpg
static-a.xgcartoon.com/cover/ 12 KB
12 KB 138ms
135ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/fangyuquankaiguoyu-loujia.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 326db4ba0a99427d55bb9b9c42decc77d1d07a925a3c0bede1ad8e1f511c82f3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Sun, 07 May 2023 02:14:52 GMT
server: cloudflare
age: 190335
etag: "BF325C19368B0FE3C21FDC47FB7A32DE"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed4b8ffb-FRA
content-length: 12407
expires: Tue, 03 Oct 2023 11:38:58 GMT

GET
H2 200 mofajinshumulu-jinzhibo.jpg
static-a.xgcartoon.com/cover/ 3 KB
3 KB 116ms
112ms Image
image/jpeg 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/mofajinshumulu-jinzhibo.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1550cde0e7d219960e9cb08513b187557f36f8492494b8aa84722533baa675c4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Mon, 15 Aug 2022 18:13:29 GMT
server: cloudflare
age: 13409
etag: "9190D06529D3D2F33CF12DC938567CCF"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed4c8ffb-FRA
content-length: 2883
expires: Fri, 06 Oct 2023 11:28:33 GMT

GET
H2 200 yishijiemigonglidehougongshenghuo_riyu-suwoshechi.jpg
static-a.xgcartoon.com/cover/ 2 KB
2 KB 1514ms
1510ms Image
image/jpeg 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/yishijiemigonglidehougongshenghuo_riyu-suwoshechi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe364619ca5af89c1517dc71bb790c4b2fc8ad68e40828b73d35c01a057f2820

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:47 GMT
cf-cache-status: HIT
last-modified: Tue, 20 Sep 2022 06:49:20 GMT
server: cloudflare
etag: "C4FF63CA5522451C13043B0A23C7D8F4"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed4d8ffb-FRA
content-length: 1896
expires: Fri, 06 Oct 2023 11:54:01 GMT

GET
H2 200 quanzhifashi_di1jiguoyu-guanzhenyu.jpg
static-a.xgcartoon.com/cover/ 13 KB
14 KB 137ms
134ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/quanzhifashi_di1jiguoyu-guanzhenyu.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4620eb8558321711185c5cf37ba11012a3d67617ab55060ce2ab0c7ebb1a5dc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Fri, 05 May 2023 23:14:59 GMT
server: cloudflare
age: 172923
etag: "B9344F29FC35FDD5A32F6916143E46B8"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed4e8ffb-FRA
content-length: 13786
expires: Tue, 03 Oct 2023 11:51:44 GMT

GET
H2 200 fufuyishanglianrenweimanriyu-jinwanyouji.jpg
static-a.xgcartoon.com/cover/ 2 KB
2 KB 115ms
111ms Image
image/jpeg 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/fufuyishanglianrenweimanriyu-jinwanyouji.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6e1cc877a10a8eb6972d29ff997fcba4280ce42b896f3909cd932ba02fd5bfb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 11 Nov 2022 00:33:12 GMT
server: cloudflare
age: 190335
etag: "2C07F9FCE1FF84CA15BF3FAE2284DF91"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed4f8ffb-FRA
content-length: 2390
expires: Wed, 04 Oct 2023 06:03:00 GMT

GET
H2 200 malajiaoshigtoriyu-tengzeheng.jpg
static-a.xgcartoon.com/cover/ 13 KB
13 KB 138ms
134ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/malajiaoshigtoriyu-tengzeheng.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c59cff9a64bddf2deaea3effeb952babb3a012d05e7b1d3ecde5212f7c17b9a7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Thu, 01 Sep 2022 09:54:33 GMT
server: cloudflare
age: 190334
etag: "B643EC1285EBF7BEBB2FE21273DCA74D"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed518ffb-FRA
content-length: 13245
expires: Tue, 03 Oct 2023 11:14:46 GMT

GET
H2 200 meishaonvzhanshiriyu-wuneizhizi.jpg
static-a.xgcartoon.com/cover/ 5 KB
5 KB 115ms
111ms Image
image/webp 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/meishaonvzhanshiriyu-wuneizhizi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d42553a5c5c21454807af7cec2bc459c0dcb08728f1175db01d196b2bdfc8bf0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Oct 2022 01:35:28 GMT
server: cloudflare
age: 190334
etag: "3E3669DCE08F269784F773A3A0BB30C8"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed528ffb-FRA
content-length: 4672
expires: Wed, 04 Oct 2023 07:41:27 GMT

GET
H2 200 tianjiachongqi_zongcaifurenxiuxiangtao_dongtaimanhua_di4ji-baicha.jpg
static-a.xgcartoon.com/cover/ 5 KB
5 KB 115ms
112ms Image
image/webp 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/tianjiachongqi_zongcaifurenxiuxiangtao_dongtaimanhua_di4ji-baicha.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3523fe0bfc26b6aea6ba24d933045d533972c56d98371a9ad2f952afa3af4465

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Nov 2022 05:42:58 GMT
server: cloudflare
age: 147927
etag: "8B570B4703DC81B4249B18FA260FEB03"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed538ffb-FRA
content-length: 4728
expires: Tue, 03 Oct 2023 11:14:49 GMT

GET
H2 200 zhongshengzhinuanhunqingchongqi_diyierji_dongtaimanhua-akewenhua.jpg
static-a.xgcartoon.com/cover/ 14 KB
14 KB 954ms
951ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/zhongshengzhinuanhunqingchongqi_diyierji_dongtaimanhua-akewenhua.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 847677e364f632a14b284e72e3b92d136e77486f4efccb0e81aa6d62432994cf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:47 GMT
cf-cache-status: HIT
last-modified: Sat, 15 Apr 2023 01:15:24 GMT
server: cloudflare
etag: "1A563ACA7CEF7E855881649900046C24"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed548ffb-FRA
content-length: 13852
expires: Sat, 07 Oct 2023 10:55:46 GMT

GET
H2 200 huoyingrenzhe-anbenqishi.jpg
static-a.xgcartoon.com/cover/ 20 KB
20 KB 947ms
943ms Image
image/jpeg 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/huoyingrenzhe-anbenqishi.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beb41f5f31d4b2911ad91b5b7b05131f006837a6c2bba64dc0659266107431f3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:47 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sat, 17 Sep 2022 12:00:46 GMT
server: cloudflare
etag: "5BEBF4DF6CEFE84525479C0D9499BF6B"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed558ffb-FRA
content-length: 20074
expires: Sat, 07 Oct 2023 07:08:02 GMT

GET
H2 200 lingnengbaifenbai_di3jiriyu-lianjinglonghong.jpg
static-a.xgcartoon.com/cover/ 2 KB
2 KB 873ms
870ms Image
image/jpeg 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/lingnengbaifenbai_di3jiriyu-lianjinglonghong.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b497840fdc78d638af40eccc2c9fd9006670503964b7b8d7d84c5f8062ef25d4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:47 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Tue, 11 Oct 2022 10:49:35 GMT
server: cloudflare
etag: "79E4E799FC149BCB112B48BE58EA6B10"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed568ffb-FRA
content-length: 2301
expires: Thu, 05 Oct 2023 02:54:31 GMT

GET
H2 200 bulaizeaotemanchaorenblazarchaorenlibawangbuleisaguoyu-yuanguzhushihuishe.jpg
static-a.xgcartoon.com/cover/ 127 KB
127 KB 509ms
505ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/bulaizeaotemanchaorenblazarchaorenlibawangbuleisaguoyu-yuanguzhushihuishe.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d7e3dba795cc58a5bedbef6783f9e5151f51447f01b9e85e54bd16fb762cc15

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 06:03:55 GMT
server: cloudflare
etag: "0446BB7F702C0E60EC9D518B32F179A0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed578ffb-FRA
content-length: 129743
expires: Sat, 07 Oct 2023 08:17:09 GMT

GET
H2 200 telijiaaotemanriyu-yuanguzhushihuishe.jpg
static-a.xgcartoon.com/cover/ 15 KB
15 KB 915ms
912ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/telijiaaotemanriyu-yuanguzhushihuishe.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dc8d4c8057500621917b3d88c33f534d917b03234c4716c04ca483e3dfdd69c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:47 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 01:33:58 GMT
server: cloudflare
etag: "9484ECFE745A52D1CB3D1419C8357010"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed588ffb-FRA
content-length: 15613
expires: Sat, 07 Oct 2023 08:11:10 GMT

GET
H2 200 youyoubaishu-fujianyibo.jpg
static-a.xgcartoon.com/cover/ 17 KB
17 KB 925ms
922ms Image
image/jpeg 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/youyoubaishu-fujianyibo.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 753107f53fa7b6669aea9980a59cbbe59f0d21ded66bd2dabe9ddbc24ddcb2b6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:47 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sun, 07 Aug 2022 16:13:54 GMT
server: cloudflare
etag: "D7C5BA4A4C08A7C3445732535D7FFF06"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed598ffb-FRA
content-length: 17505
expires: Thu, 05 Oct 2023 04:15:22 GMT

GET
H2 200 wanyufengshenguoyu-litinghe.jpg
static-a.xgcartoon.com/cover/ 13 KB
13 KB 1396ms
1393ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/wanyufengshenguoyu-litinghe.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3be69c4d77cd568b0c2d360918d62e86b33abfe1b08a2bb2c6993235a67d264

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:47 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 07:15:47 GMT
server: cloudflare
etag: "D3F7A84E6AF7F1EEF2956FB7592AC66C"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e370ed5a8ffb-FRA
content-length: 13324
expires: Fri, 06 Oct 2023 12:08:51 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012309181453000/v0/ 8 KB
3 KB 63ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4de6c8a24d8959593744ade6de22ed29b5404dcdd0243d43e52209b56383f66

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 20:49:10 GMT
age: 92676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2976
x-xss-protection: 0
server: sffe
etag: "38f77e2398a961a5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 02 Oct 2024 20:49:10 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012309181453000/v0/ 12 KB
4 KB 34ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71c87286b7656c279d8c6276b6602373709af8c8d4405cf94dc74e71ac9fd3b4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 20:49:10 GMT
age: 92676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3930
x-xss-protection: 0
server: sffe
etag: "2c64beef00f20bbc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 02 Oct 2024 20:49:10 GMT

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012309181453000/v0/ 237 KB
63 KB 23ms
19ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fe4af134347bf9383f0946d8417a70e5bd69298876a68c4b578ab6bdeacad81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Oct 2023 22:29:50 GMT
age: 236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64159
x-xss-protection: 0
server: sffe
etag: "694de4ba2c310625"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Oct 2024 22:29:50 GMT

GET
H2 200 duolaamengjuchangbandaxiongyutiankongdelixiangxiangriyu-tengzifbuerxiong.jpg
static-a.xgcartoon.com/coverw/ 232 KB
233 KB 194ms
114ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/duolaamengjuchangbandaxiongyutiankongdelixiangxiangriyu-tengzifbuerxiong.jpg?w=780&h=376&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f007df9b812e12d98cd233884871fcce8b0dd20e2c69b6cba83df8959dbcc2cb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Thu, 28 Sep 2023 14:13:20 GMT
server: cloudflare
age: 190334
etag: "BEEB91A0D5D2F8225026822EC7DD3EEC"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e371adb38ffb-FRA
content-length: 237901
expires: Wed, 04 Oct 2023 14:28:56 GMT

GET
H2 200 mf_ghostranyouchedouhunmf_ghostjisuchehunriyu-zhongyexiuyi.jpg
static-a.xgcartoon.com/coverw/ 523 KB
524 KB 162ms
83ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/mf_ghostranyouchedouhunmf_ghostjisuchehunriyu-zhongyexiuyi.jpg?w=780&h=376&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cccf51f08aa12186ba54c5215103eebefa04e8a8af0919fd4104c814475fb3d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 08:19:56 GMT
server: cloudflare
age: 190335
etag: "375F9789FCAC8CFB0027BD7C839DA0B5"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e371bdb58ffb-FRA
content-length: 535542
expires: Thu, 05 Oct 2023 09:44:33 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
15 KB 298ms
222ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_header&adk=807729522&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=1363681995&nhd=0&adx=436&ady=80&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309181453000&d_imp=1&c=2895000583&ga_cid=amp-QXwjzIp2fqTm8byj9cV5_Q&ga_hid=583&dt=1696458826547&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=1171&dtd=98&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4486b96fbad5ef39657cadc38db6d1604e4a41b9cca9c66eec99d678135e4e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14104
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: COn4-s253YEDFejjuwgdUHkLZA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 04 Oct 2023 22:33:46 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
16 KB 1164ms
1088ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_1&adk=1345413239&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x100%7C320x50%7C300x250%7C300x100%7C300x50&output=html&impl=ifr&ifi=2&fluid=height&msz=0x-1&psz=0x-1&fws=4&adf=842741550&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309181453000&d_imp=1&c=2895000583&ga_cid=amp-QXwjzIp2fqTm8byj9cV5_Q&ga_hid=583&dt=1696458826548&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=1172&dtd=99&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b6609e74783004520b0b7ed85220e0f8b9aa91d8e600a4417a846d9e5953694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 336x280
google-mediationgroup-id: 100669
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15688
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CLX9qM653YEDFa_zuwgdgfUPeQ
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: 425410
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 04 Oct 2023 22:33:47 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
14 KB 1719ms
1642ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_1&adk=997395249&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=3&fluid=height&msz=1200x-1&psz=1200x-1&fws=4&adf=4107419727&nhd=0&adx=800&ady=637&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309181453000&d_imp=1&c=2895000583&ga_cid=amp-QXwjzIp2fqTm8byj9cV5_Q&ga_hid=583&dt=1696458826548&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=1172&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf91cd36a4d0a68c85ade427483a2385210b4f1b1f63e7247cb96e666b3b421b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 970x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14127
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CNy00c653YEDFZv-uwgdndkDJg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 04 Oct 2023 22:33:48 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
16 KB 575ms
498ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=1425218679&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=4&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=3343197514&nhd=0&adx=800&ady=2269&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309181453000&d_imp=1&c=2895000583&ga_cid=amp-QXwjzIp2fqTm8byj9cV5_Q&ga_hid=583&dt=1696458826548&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=1172&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7843c03ee12b71bc5025e16d6e95938d16669417cdebc3b3a0cefdb41c13afc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: 100669
x-creativesize: 970x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15812
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CIGehc653YEDFWnAuwgdEfkN5A
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: 425410
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 04 Oct 2023 22:33:47 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
14 KB 1572ms
1496ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_2&adk=665818911&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=5&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2267600489&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309181453000&d_imp=1&c=2895000583&ga_cid=amp-QXwjzIp2fqTm8byj9cV5_Q&ga_hid=583&dt=1696458826548&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=1172&dtd=101&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49813518faa287e39e03222e572e5f7a2b387c58000228b62a8fc455d19ed7bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 300x600
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14113
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CPrIxs653YEDFV7-uwgdcIMB5g
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 04 Oct 2023 22:33:48 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
14 KB 727ms
651ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=3860582034&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=6&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=757795631&nhd=0&adx=800&ady=3232&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309181453000&d_imp=1&c=2895000583&ga_cid=amp-QXwjzIp2fqTm8byj9cV5_Q&ga_hid=583&dt=1696458826548&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=1172&dtd=102&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eedfa690ca9d2a60c870b97652a3ed26f0a4919c57eceb0bbc7154d142d771ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 970x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14119
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CJGPlc653YEDFd7juwgdi94PYw
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 04 Oct 2023 22:33:47 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 883ms
808ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_3&adk=1395775898&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=7&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=66028269&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309181453000&d_imp=1&c=2895000583&ga_cid=amp-QXwjzIp2fqTm8byj9cV5_Q&ga_hid=583&dt=1696458826548&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=1172&dtd=102&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c280389c8ca6a98a28b84c9be43fc8adff11a10246b3e0879aa106cfbdaf6ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 120x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13301
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CNKj-s253YEDFRif_Qcd5JQHLQ
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351399065
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 04 Oct 2023 22:33:47 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 152 KB
44 KB 1416ms
1341ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=1246061670&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=8&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=4291690939&nhd=0&adx=800&ady=4195&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309181453000&d_imp=1&c=2895000583&ga_cid=amp-QXwjzIp2fqTm8byj9cV5_Q&ga_hid=583&dt=1696458826548&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=1172&dtd=103&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01ce24b8f5bb27695d00f835848b6087e25a69a39bfbbf1fc02268763731b24a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 1220x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44746
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CKiEus653YEDFYKU_QcdoBMChw
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 04 Oct 2023 22:33:48 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
14 KB 2497ms
2423ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_3&adk=3382497679&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=9&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=387331864&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309181453000&d_imp=1&c=2895000583&ga_cid=amp-QXwjzIp2fqTm8byj9cV5_Q&ga_hid=583&dt=1696458826548&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=1172&dtd=103&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a994981c7ac070cf9e0ad1e43faf4f386b72a4f4547d8cb334603cc0dd641e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 300x600
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14110
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CNXdgM-53YEDFbOM_QcdjgcLLQ
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 04 Oct 2023 22:33:49 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
14 KB 2335ms
2269ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=3639063491&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=10&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=2473948382&nhd=0&adx=800&ady=5158&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309181453000&d_imp=1&c=2895000583&ga_cid=amp-QXwjzIp2fqTm8byj9cV5_Q&ga_hid=583&dt=1696458826548&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=1172&dtd=107&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6d47053e614d36ffeb9da1e22fe88c9d0764dca7dd005271b246e4203825d94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 970x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14111
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CNiu9s653YEDFUqT_QcdwgMMLQ
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 04 Oct 2023 22:33:48 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
14 KB 1983ms
1918ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=1451229007&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=11&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=366815570&nhd=0&adx=800&ady=6121&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309181453000&d_imp=1&c=2895000583&ga_cid=amp-QXwjzIp2fqTm8byj9cV5_Q&ga_hid=583&dt=1696458826549&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=1173&dtd=110&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54f173a5ee26a4413615375fbef00ca9ca3ae10d283acf313135ecec9b881b36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 970x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14096
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: COjN28653YEDFTjkuwgdskUCeg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 04 Oct 2023 22:33:48 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
14 KB 2182ms
2117ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=2355133382&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=12&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=1713749083&nhd=0&adx=800&ady=7084&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309181453000&d_imp=1&c=2895000583&ga_cid=amp-QXwjzIp2fqTm8byj9cV5_Q&ga_hid=583&dt=1696458826549&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=1173&dtd=111&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5183f18d98de7f5d6749de7245e8e1fff348de2816700ad9f0d35642da8578b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 970x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14107
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CLC57M653YEDFUaT_Qcd7zoPtg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 04 Oct 2023 22:33:48 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 2740ms
2675ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_3&adk=1043970851&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=13&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1198440276&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309181453000&d_imp=1&c=2895000583&ga_cid=amp-QXwjzIp2fqTm8byj9cV5_Q&ga_hid=583&dt=1696458826549&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=1173&dtd=112&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53de6a5a7416da5f3507cc8d6e560a1a834de21b32626f296f4c2a1c8f2714d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 728x90
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13301
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CMeE_M253YEDFfLHuwgdw7MBAw
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027455233
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 04 Oct 2023 22:33:49 GMT

GET
H2 200 container.html
bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 165ms
27ms Other
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012309181453000/v0/analytics-vendors/ 2 KB
886 B 21ms
21ms Fetch
application/json 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 20:49:06 GMT
age: 92681
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "6c7d99d062e3f63a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 02 Oct 2024 20:49:06 GMT

GET
H2 200 ga4.json Show response
www.xgcartoon.com/js/ 4 KB
2 KB 204ms
204ms Fetch
application/json 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
AMP-Same-Origin: true
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:47 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 10:49:40 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"11d8-187c255423d"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: max-age=180
accept-ranges: bytes
expires: Wed, 04 Oct 2023 22:36:47 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 95ms
35ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=583&cid=amp-QXwjzIp2fqTm8byj9cV5_Q&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2F&dr=&dt=%F0%9F%8D%89%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1696458828&sct=1&seg=1&_et=1000&gcs=
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xgcartoon.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xgcartoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FDC9 6 KB
3 KB 43ms
41ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:47 GMT
expires: Thu, 03 Oct 2024 22:33:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8114 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:47 GMT
expires: Thu, 03 Oct 2024 22:33:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5B3B 6 KB
3 KB 40ms
33ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:47 GMT
expires: Thu, 03 Oct 2024 22:33:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 93FE 6 KB
3 KB 52ms
33ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:47 GMT
expires: Thu, 03 Oct 2024 22:33:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9743 6 KB
3 KB 77ms
25ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:47 GMT
expires: Thu, 03 Oct 2024 22:33:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 04EE 51 KB
20 KB 193ms
93ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR3oSgALlekIu-PoAAt5UEeGD_vaWwKvgVGkQA&u=%7CSL%2BWdtGiM8g1BFnzmFLlC9HY%2F1dBan642FwutJcNVko%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVOjE89GaszXgkomLnrnn8qkSCFAawZDNKsDpS5F79akQqBUSJUAJUGpbBHYz7ZRxejCnKHGN7sMIzNg9bVZCatowrboqnqOh0IiIL91mqrMFTF6FxPwFN3LS2YByjSXfZCCUrsCMid7krBLX57rH0uFF4_UsMJpIARH4BYJ1UEAVqEWFPttOEK1XtRhxIkkUMlhfEWwLFAs96iR_Ktul_JK_Ni8zTt9Yhxrh7U8gOm4kpuIWAv0KTzM_NgMFFZ5697v9qJjQNieCPJdn7ZtANX1Q97ucNBx1qQyP__8xq23o4aBI2_rM22MAShXJiZGXl7Y4yUqkDT1NH2VACCohChByP6PPp-e1Kk9d6vLC-VOl71C-EUB1ldkWPh8T1MAbHW9KoB3VdmV2JeA59kPqQYdp70_TNcDwA9Px6Rp_eyFuYXrixCpqIcS6d9Y5VtiJdtd5WWeVKzrmP7_RMdRUhVSWFl3reg1zoL9LJ5oSmsoizciIOIg2tqUznmCYSyCA1qFwYbPT7scxGC4O2Dq4kQcj272XGJffncIaZ7Sjp-bCKAtZi8eXwWz-uorU2a3rmHLLU8PnFgvqFhGREikZB56&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTTzJSugdZemrLujH7_UP0PKtoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgT8AU_Q_OT3eydrKKOXp2PxpjrxKrQp39aU4cGl2bJ3FmccbbXoAjP23P2afigh0PBX0v4erYvMeM7WNIU7xYKA_40C0T1sr9UDLvP7HXf3UiSzVYA8CHnL-CSJCQ3LsrfPasMq3pSkbCf2RbjWdmeyl9z4XXklJXSqz9ge7NwaZ4LJir_LHWrqBBLEdTmSc3rMeJP5J60NW22Ny4Ik4F7pn60KZRu1um1ByaTYOSsQBcgPT08mgpSWL5QYM3gH7B31Td0NLNGwSm7P9Wbxd_YNKorjXfe86PaEXR1VzjTVnrYEpRb1iGBV3YhxM3o6qpxHfj1yA8DZsEuNZk_whOAEAYAG4sWb_-fpl-0goAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1kEAUrBmlrOwY1SUrxCHn02j1KKw%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9648a5fd0b7367a3dab0099dd9dd142c0a03ab7da9c50ec91ef3bd3084358474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:47 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ysy1BeEHWqTILRb8PSb3ws0zABJU6wAGJYkIcrN85lN3OG9T4bfL9ID52L-sW8ohhyOFTRvUoDpCuGT5wo483EB6cZA_CoxzsJkEsKe1YQm4r7Lr4q5Am-sIC7R0VguclBzE61OIqGKswnELP8FwATFif9iflCEEO_fnlg7am06DHH3ZeJ0y3nKEvp2CU8AXkZMkkH5rthVcetpC57QxYVweeSuR61PJDZEoqt89PY1hvTgM9qJ3Ytv5Eti5XOPJOPlzHQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 2847267
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame FDC9 3 KB
1 KB 49ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 18:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 18:58:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame FDC9 20 KB
8 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:43:15 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame FDC9 24 KB
6 KB 49ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 489579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Sep 2024 06:34:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FDC9 187 KB
59 KB 91ms
33ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:33:48 GMT

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 8114 13 KB
5 KB 183ms
120ms Script
application/javascript 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=Xgcartoon_StandardDisplay_OB&tid=206230
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: /
Resource Hash: 4090bbd44bead5ee98e93e4f1e2c35fa336e4d89b4d72432d77a4b6f8fea1270

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: gzip
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: "337313742d425ffbb0d298e74c16ef921fc4cba2"
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
alt-svc: h3=":443"; ma=86400
content-length: 4621
x-amz-cf-id: CxOox5zlAQVODWGlCAtShCOVHsZTi6PEQkNo6lxFC3DvlLHK7xTMTQ==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 8114 3 KB
1 KB 33ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 18:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 18:58:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 8114 20 KB
8 KB 29ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:43:15 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8114 24 KB
6 KB 36ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 489579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Sep 2024 06:34:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8114 187 KB
59 KB 180ms
139ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:33:48 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame 8114 37 B
221 B 92ms
22ms Image
image/gif 52.59.78.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=ZR3oSwAH1fUIu_OvAA_1ga_oGYrvdPeecG4X3A&ts=1696458827&aid=40593631857913681604800&ec=5563_66529_OADD2.7284289540934_1IRPT5BB4AESQEE696&n=Gs4CaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MTE3MzAzNzQmYXVJZD00MGFhZmExYy02NmMxLTQwZDEtOTNlYy0xM2M3M2VlYWEwN2QmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPVY1Jm9BZFVuaXQ9MTE3MzAzNzQmcHVibGlzaGVySWQ9MjUwMTUyMjM1JnJJZD00MGFhZmExYy02NmMxLTQwZDEtOTNlYy0xM2M3M2VlYWEwN2QmcnR5cGU9bnVybCZ0YWdJZD0zOTEzNTgmdHJhZmZpY0dyb3VwPWdldmN5cnl2c2dfcGN6JnRyYWZmaWNTdWJHcm91cD10cWNlY25mZiZhaWQ9NDA1OTM2MzE4NTc5MTM2ODE2MDQ4MC04MyZ3cD0wLjAyNfICiQIIABIXNDA1OTM2MzE4NTc5MTM2ODE2MDQ4MDAYACABKLsrMOGHBEABSABQAWASaApwgfshkAEAmAEAqAEAuAEKwAERyAEZ8AGWywz4ARmAAhGRAgAAAAAAAPA%2FmQLXo3A9CtfTP6gCALACAcgCAtgCAPECZmZmZmZm5j%2F4AqU7kAMAmAMAoAMAuAP3zdsByAMA0gMmT0FERDIuNzI4NDI4OTU0MDkzNF8xSVJQVDVCQjRBRVNRRUU2OTbgA6Liyk3pAwAAAAAAAAAA8AMZ%2BQMAAAAAAAAAAIAECIkE16NwPQrX0z%2FABFPQBADaBBk0MDU5MzYzMTg1NzkxMzY4MTYwNDgwMCAx4AQA%2BAIFiAMBkgMEOTg5NZgDAKADvvEXqAMA
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.59.78.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-78-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 04 Oct 2023 22:33:48 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame 8114 37 B
140 B 82ms
24ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=18&peid=0&aid=40593631857913681604800
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 5B3B 18 KB
8 KB 124ms
69ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8d0c146f05d0e89709a24a6a45bc2bb399bfffe4f11294a3673c72388cc582d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7886
x-xss-protection: 0
server: cafe
etag: 15580543245055236877
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:33:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B3B 187 KB
59 KB 200ms
178ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:33:48 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5B3B 0
439 B 62ms
61ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu53jEJsrVwlFgQWBgAleBBphFswuIkOVKNly5i8hDdIwqDHKByCyiceCV5W3O8WCYoB0ZWp2lg7530en6ZzRECM1XML9Xh3q_bAYEdWeGIKb1nBSyKvsPTRY2hnIwPcSbeswzDAbfIA4TV4I1IZp6gjTM32lmkhGDhB8y0PAuuDmWlZm-plJ1lnpcRQAOQEPf56lVDJ_CxzBZsqhizBI27QPPkofTxbnJsyH49bcmTa4ykmTPpFQBAeE3UO0R_kDPnC8fLZje8AJNrpqcOmSsHErvilhsAp3k2_CUbGEf5wG9Fq1OpIM5WQDubD8fkSm8Xm3uDvEOcI7n6-1G_wIxgbspI-aXiCT-7HJ8&sai=AMfl-YQ38U33rLvGx4SLAV3XUK_sbRHhRzZMqJYfHY_0u4gf0XB0E-U22Cb8kLAgHaREuu1G6eLIo6yorvSu6cQ&sig=Cg0ArKJSzKQTieMNwlsrEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 04 Oct 2023 22:33:48 GMT

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 93FE 14 KB
5 KB 153ms
121ms Script
application/javascript 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=Xgcartoon_StandardDisplay_OB&tid=206226
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: /
Resource Hash: 44d7c8f16c9fbfc3738b2ffeea5fe2bd6fdbb9bb0d76b0f067702efb9c4f86c5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: gzip
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: "654ed0b956c46ae4616d14412c46ca536a3f0fe6"
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
alt-svc: h3=":443"; ma=86400
content-length: 4835
x-amz-cf-id: 6jEYEzYET2g-PWthB5-pU-o8agTgJUqxLXjXTBD7chvq2zZlg7QUyw==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 93FE 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 18:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 18:58:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 93FE 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:43:15 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 93FE 24 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 489579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Sep 2024 06:34:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 93FE 187 KB
59 KB 112ms
101ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:33:48 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame 93FE 37 B
220 B 62ms
22ms Image
image/gif 52.59.78.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=ZR3oSgAOKIEIu8BpAA35EStPDcrzZDTP93pSPQ&ts=1696458826&aid=36662797464811365849420&ec=5563_66529_OADD2.8246380733465_1ZHL11XZSXCHNK9RFF&n=GtACaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MTE3MzAzNzQmYXVJZD03MTJkZDlkYi03ODM2LTRiODItOTg3My04NDExYjc2MmQyYjEmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPVY1Jm9BZFVuaXQ9MTE3MzAzNzQmcHVibGlzaGVySWQ9MjUwMTUyMjM1JnJJZD03MTJkZDlkYi03ODM2LTRiODItOTg3My04NDExYjc2MmQyYjEmcnR5cGU9bnVybCZ0YWdJZD0zOTEzNTgmdHJhZmZpY0dyb3VwPWdldmN5cnl2c2dfcGN6JnRyYWZmaWNTdWJHcm91cD16aHZxZnJ5YXJqJmFpZD0zNjY2Mjc5NzQ2NDgxMTM2NTg0OTQyLTgzJndwPTAuMDg08gKFAggAEhczNjY2Mjc5NzQ2NDgxMTM2NTg0OTQyMBgAIAEouysw4YcEQAFIAFABYBJoCnD2OJABAJgBAKgBALgBCsABOsgBVPABkssM%2BAFUgAI6kQIAAAAAAADwP5kC16NwPQrX0z%2BoAgCwAgHIAgLYAgDxAmZmZmZmZuY%2F%2BAKlO5ADAJgDAKADALgDAMgDANIDJk9BREQyLjgyNDYzODA3MzM0NjVfMVpITDExWFpTWENITks5UkZG4APDzcpe6QMAAAAAAAAAAPADVPkDAAAAAAAAAACABAiJBNejcD0K19M%2FwART0AQA2gQZMzY2NjI3OTc0NjQ4MTEzNjU4NDk0MjAgMeAEAPgCBYgDAZIDBDk4OTWYAwCgA77xF6gDAA%3D%3D
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.59.78.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-78-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 04 Oct 2023 22:33:48 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame 93FE 37 B
139 B 53ms
25ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=18&peid=0&aid=36662797464811365849420
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame FD7D 183 KB
55 KB 194ms
150ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR3oSwAC3tEIu-PeAA_ei4h7BIqkMOkV7oivNQ&u=%7CATS3cGGWxqMR3BGuPCcAi3pXLzfNsRxnZSLUacwtUc0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5oPChMrPEwoM8KZE3HYwaEjUvDRtwv_jYYuKD9vakB-bNqGLYtsI8W7D6EUpSiDsqsH-0S4VaKK7gnJcjbux5nR4iUFKr661EI6tpvlJlkR_3XJL47naQTZH3bGCz7evOuiThPkYomq-KFG6RpoVNFbQBuiNJwFW2cAtmYxS_Itxy0SmnPqG6Xo-pD-WPJY0eGCZqxqdpyZI75d1TBS4FHrsHW6YZRTj0cn1WbfjvxmHKBMb4XfQEhosw_XtbHrqezfbZazMeaXAz_XVJQGP8VVO5Q_9nFHCkLy7BL3TVcsXCHg3IsKHAX-w06Kb6phNx1YKLryLwLtjz7tWVJxiF9mds-1iMO6bvcbSQT28jh-gGUv0XaHvUyYhCk6Mp196JLe7SQfou-ctw2Cal_iq2oSALnh2FEKTekdq5qToHDBdyPMzk3Ir2b9oHkYV3GEoXeXQhDHJKG8g91Iwr82VxTzPPaQlDK_8WFQhfUzI6AS2cqXlB-nbFeUwg9GcsMbhgBOY5dG582-pNFMUO1VyEZdErrtdRYRbe9qub0fZJX6_OwjNmaRLRX4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgFgtS-gdZdG9C97H7_UPi72_mAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgSDAk_Qncj4H3meEV_wzwCeAXeXtYH4e9D09hQIWkZxDSJyUeQ3t1ge39AcTsNWAs8q57QgzTJPGj6IcBaxvQffuaDPxtQl2X2abhzMQNpOkvXHJdW_xxgNdBW3axeyxFAQIaCCjsBqzfANGSio_3gJoquJUC9QgKE6MhlTNtBsCDN6aPtuJvUSlWh2nagjdcyjIkwVzSlD44rj-e_Dsr1ahxLpRctEq8pcav1wBzmp_GoJhsspJ4TUP7W4uot0wInrULTPP8CxkboRueuYdNVUzEZYorR1V17wtnF8VlQGz54zSYhDR0u-cn9l2uMk-ehx7aGr0szjzIepgQVluRkjKLxbihDgBAGABufQuof81-v6RaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0w6fuSLdXzcUs_HTiIOkhdDFsHSg%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3f70f33bbd200351e29167c7ca9a3421082c7748f7966c3c933eee941d949efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:48 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=3SFpX-EHWqTILRb8_pAiGoXZxr9MSwOdJ8cvjt5ND_S4wOpY2fkO3A3f82VO93Ep7z-xQ1IHzHWdMO50oi6qNyfpnXNTzfjugGS4eZaTa49JOzDDXrnZPLwcMx-jEsYy_-OrrvQVChox7f2eGzdvFbGnrgkl6zY8HWh1Gc-XQn-eKN2ntRSdVnkp-1rIqQc9MLlEGCZ5uloIN10II5aCVgp1uIwa-tj8eTpF_aXxTHbFaf8xwWOYJFdDdTr8yq9vKNTLZw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 58813305
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 9743 3 KB
1 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 18:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 18:58:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 9743 20 KB
8 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:43:15 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9743 24 KB
6 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 489579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Sep 2024 06:34:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9743 187 KB
59 KB 102ms
100ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:33:48 GMT

GET
DATA 200
OK truncated
/ Frame FDC9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5a095f89c9fbc0b71e2d7b34e48ce0ec373fcb6d45998d30d2ceacccff2a299

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 04EE 2 KB
1 KB 169ms
34ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR3oSgALlekIu-PoAAt5UEeGD_vaWwKvgVGkQA&u=%7CSL%2BWdtGiM8g1BFnzmFLlC9HY%2F1dBan642FwutJcNVko%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVOjE89GaszXgkomLnrnn8qkSCFAawZDNKsDpS5F79akQqBUSJUAJUGpbBHYz7ZRxejCnKHGN7sMIzNg9bVZCatowrboqnqOh0IiIL91mqrMFTF6FxPwFN3LS2YByjSXfZCCUrsCMid7krBLX57rH0uFF4_UsMJpIARH4BYJ1UEAVqEWFPttOEK1XtRhxIkkUMlhfEWwLFAs96iR_Ktul_JK_Ni8zTt9Yhxrh7U8gOm4kpuIWAv0KTzM_NgMFFZ5697v9qJjQNieCPJdn7ZtANX1Q97ucNBx1qQyP__8xq23o4aBI2_rM22MAShXJiZGXl7Y4yUqkDT1NH2VACCohChByP6PPp-e1Kk9d6vLC-VOl71C-EUB1ldkWPh8T1MAbHW9KoB3VdmV2JeA59kPqQYdp70_TNcDwA9Px6Rp_eyFuYXrixCpqIcS6d9Y5VtiJdtd5WWeVKzrmP7_RMdRUhVSWFl3reg1zoL9LJ5oSmsoizciIOIg2tqUznmCYSyCA1qFwYbPT7scxGC4O2Dq4kQcj272XGJffncIaZ7Sjp-bCKAtZi8eXwWz-uorU2a3rmHLLU8PnFgvqFhGREikZB56&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTTzJSugdZemrLujH7_UP0PKtoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgT8AU_Q_OT3eydrKKOXp2PxpjrxKrQp39aU4cGl2bJ3FmccbbXoAjP23P2afigh0PBX0v4erYvMeM7WNIU7xYKA_40C0T1sr9UDLvP7HXf3UiSzVYA8CHnL-CSJCQ3LsrfPasMq3pSkbCf2RbjWdmeyl9z4XXklJXSqz9ge7NwaZ4LJir_LHWrqBBLEdTmSc3rMeJP5J60NW22Ny4Ik4F7pn60KZRu1um1ByaTYOSsQBcgPT08mgpSWL5QYM3gH7B31Td0NLNGwSm7P9Wbxd_YNKorjXfe86PaEXR1VzjTVnrYEpRb1iGBV3YhxM3o6qpxHfj1yA8DZsEuNZk_whOAEAYAG4sWb_-fpl-0goAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1kEAUrBmlrOwY1SUrxCHn02j1KKw%26client%3Dca-pub-5884294479391638%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:48 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 04EE 2 KB
1 KB 167ms
33ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:48 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 04EE 308 B
636 B 38ms
33ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 28 Sep 2024 22:33:48 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 04EE 293 B
621 B 37ms
32ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 28 Sep 2024 22:33:48 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 04EE 43 B
348 B 155ms
37ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=T66KQlu69ZGzjz5FEfJZITS7H4WFZ19v4TPpezqv48yb0uq7z54qOArtxXu3FgFlxzEn6vokYEC3m4SQMHm064mn3WHK-C4_eZ9DBEAG35JvxzwJomguUI0XRrJnwkVlpoxXnxsq-6GFJ5nrWKHX71A2v-LJZFDY-0n4_XIMQv61kU6uw61RabTWesGE330_Lff7yTVd6Y9EPdOB5j0Mgo8FyhNrV9rPvr3y-sbOLm1xTl-AHPkk2Fa7JeDnFxnz_75w8eGzuNWfSldBQCp-wprCbr0DA4vw8Tw4aEHRkHDbLaRyTjFfhR_x6NGkmFgBy9gEE1W9m9EQ9jd8Nu8f-lv06spJN1tuGqoB8jSMO00MdngtVwFWUPNPnJdo0q2Av02aGA2nfVnWgLNvl8wq0EGPTZhQ4wKL8uDXg2yazsGoS0z8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1476590
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 d96f58bc58e647979ece19cec75d51a9_image_ad_728x90.jpeg
static.criteo.net/design/dt/99645/4842297/ Frame 04EE 62 KB
62 KB 60ms
56ms Image
image/jpeg 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/99645/4842297/d96f58bc58e647979ece19cec75d51a9_image_ad_728x90.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5aacd2e9c7ec1a3b33bdbce9a72f0fa9a3ac84151bb3c94ad3ceaab8467001a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 13 Jul 2023 13:32:50 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "64affd02-f615"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 62997
expires: Sat, 28 Sep 2024 22:33:48 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5B3B 143 KB
50 KB 108ms
107ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a0ed7e9e81a11d3dad0f6bb51a81db76065432eea18a0f3287055edab8ada6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50577
x-xss-protection: 0
server: cafe
etag: 7851934251833974800
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:33:48 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame FD7D 2 KB
1 KB 98ms
37ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR3oSwAC3tEIu-PeAA_ei4h7BIqkMOkV7oivNQ&u=%7CATS3cGGWxqMR3BGuPCcAi3pXLzfNsRxnZSLUacwtUc0%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5oPChMrPEwoM8KZE3HYwaEjUvDRtwv_jYYuKD9vakB-bNqGLYtsI8W7D6EUpSiDsqsH-0S4VaKK7gnJcjbux5nR4iUFKr661EI6tpvlJlkR_3XJL47naQTZH3bGCz7evOuiThPkYomq-KFG6RpoVNFbQBuiNJwFW2cAtmYxS_Itxy0SmnPqG6Xo-pD-WPJY0eGCZqxqdpyZI75d1TBS4FHrsHW6YZRTj0cn1WbfjvxmHKBMb4XfQEhosw_XtbHrqezfbZazMeaXAz_XVJQGP8VVO5Q_9nFHCkLy7BL3TVcsXCHg3IsKHAX-w06Kb6phNx1YKLryLwLtjz7tWVJxiF9mds-1iMO6bvcbSQT28jh-gGUv0XaHvUyYhCk6Mp196JLe7SQfou-ctw2Cal_iq2oSALnh2FEKTekdq5qToHDBdyPMzk3Ir2b9oHkYV3GEoXeXQhDHJKG8g91Iwr82VxTzPPaQlDK_8WFQhfUzI6AS2cqXlB-nbFeUwg9GcsMbhgBOY5dG582-pNFMUO1VyEZdErrtdRYRbe9qub0fZJX6_OwjNmaRLRX4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgFgtS-gdZdG9C97H7_UPi72_mAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgSDAk_Qncj4H3meEV_wzwCeAXeXtYH4e9D09hQIWkZxDSJyUeQ3t1ge39AcTsNWAs8q57QgzTJPGj6IcBaxvQffuaDPxtQl2X2abhzMQNpOkvXHJdW_xxgNdBW3axeyxFAQIaCCjsBqzfANGSio_3gJoquJUC9QgKE6MhlTNtBsCDN6aPtuJvUSlWh2nagjdcyjIkwVzSlD44rj-e_Dsr1ahxLpRctEq8pcav1wBzmp_GoJhsspJ4TUP7W4uot0wInrULTPP8CxkboRueuYdNVUzEZYorR1V17wtnF8VlQGz54zSYhDR0u-cn9l2uMk-ehx7aGr0szjzIepgQVluRkjKLxbihDgBAGABufQuof81-v6RaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0w6fuSLdXzcUs_HTiIOkhdDFsHSg%26client%3Dca-pub-5884294479391638%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:48 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame FD7D 2 KB
1 KB 96ms
36ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:48 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame FD7D 308 B
636 B 66ms
66ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 28 Sep 2024 22:33:48 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame FD7D 293 B
621 B 69ms
69ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 28 Sep 2024 22:33:48 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame FD7D 43 B
347 B 83ms
83ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=P0Pei6OkZMOiIarFHVQcFtrWdF4FQvdnWUcO7iWXzPsyHHaZE4FEpN3Ig_U9OSMjhPgVgP1tU-97D9m-ixyT85IIVxv6MeMEGyFZZHJM5O_zrMOKl7fiRB6T6-fqsUE47SdRGeN9biQ-fn6MSOygXxFBZ7Yq3r5w2VToyzc2nCmWwATz3LJFxPDb32x5W46-dBu38mYC3R6bX9Ow5TgL03FTdBDyu_3DK-G4qmEsD2ZqCPawjEp3rG4HCzI3y1ifk_oXEn29nVOoMRIpLxeZ914_bx5jP2QtyxJXO_Oi8Z4lywg0uAgNUb_gFoK7BX6PssRKQA2G5NqhhMGQ1kUFqvJkIU0tibAExsFzMVbtZ1YKX-cWviJ3nZwgS_J0v8-zwjBhoLOcVqW0UJeOYNsakYyXcmi2QfsFX7NUetxkRV6Tzlj_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1680402
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/f203c6df764ae3b8c5587fd75a06d8184d33ecb8/dist/ Frame 8114 193 KB
61 KB 29ms
25ms Script
text/javascript 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/f203c6df764ae3b8c5587fd75a06d8184d33ecb8/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=Xgcartoon_StandardDisplay_OB&tid=206230
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c9a65d43fd753c36bc9b8eb9628e430b9278c8461eff6284cfc364e239703bc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:01:06 GMT
content-encoding: gzip
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 1053163
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 62030
last-modified: Fri, 22 Sep 2023 17:44:07 GMT
server: AmazonS3
etag: "fa3e5c599e2c3094f137c6ae50b3ea49"
content-type: text/javascript
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: WFmCtMOAA9LQ_pFlxyOTm6ELK_3Tqwo0aPn8Oz1L39HepoAuw-eb4Q==

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/f203c6df764ae3b8c5587fd75a06d8184d33ecb8/dist/ Frame 93FE 193 KB
61 KB 52ms
51ms Script
text/javascript 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/f203c6df764ae3b8c5587fd75a06d8184d33ecb8/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=Xgcartoon_StandardDisplay_OB&tid=206226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c9a65d43fd753c36bc9b8eb9628e430b9278c8461eff6284cfc364e239703bc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 18:01:06 GMT
content-encoding: gzip
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 1053163
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 62030
last-modified: Fri, 22 Sep 2023 17:44:07 GMT
server: AmazonS3
etag: "fa3e5c599e2c3094f137c6ae50b3ea49"
content-type: text/javascript
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: CdEcXl-c085zeQYxIz5PDEnflnl-_oPljKXnV3vfVQgIxYLElZO6cw==

GET
DATA 200
OK truncated
/ Frame 9743 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 032d6defe17c485a528f13e4ec06a8e331f1dc3a14025cef32111347573658cb

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1530 6 KB
3 KB 28ms
27ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:47 GMT
expires: Thu, 03 Oct 2024 22:33:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame FD7D 12 KB
5 KB 177ms
55ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1811397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jex%2FJ0j1vaAyYQn%2B%2FReklfCZszqX28vqEAnsGvPvq1ifJx53GXCB7JaSOr%2B6RMaqFFjA%2FLdZZ424b%2FmUfmQ4CJ5U13XEL0oPTB3SCAfhnmWwbiq4QnL8kelO2LjJT7T2WovK0y7oc1PLvcDnFKfMkDL5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8110e380bd7001f4-ZRH
expires: Mon, 23 Sep 2024 22:33:48 GMT

GET
H2 200 b113c14be1be4dbda4ef71cee8de4dfc_casanspro_regular.woff
static.criteo.net/design/dt/ Frame FD7D 56 KB
56 KB 132ms
66ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/b113c14be1be4dbda4ef71cee8de4dfc_casanspro_regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ba98e735ce0f8021ed850e1cfd1e5f20049e17ac90b3bea352b04324d045c233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 24 May 2018 07:59:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b0670fe-dec4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 04EE 0
128 B 109ms
33ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ysy1BeEHWqTILRb8PSb3ws0zABJU6wAGJYkIcrN85lN3OG9T4bfL9ID52L-sW8ohhyOFTRvUoDpCuGT5wo483EB6cZA_CoxzsJkEsKe1YQm4r7Lr4q5Am-sIC7R0VguclBzE61OIqGKswnELP8FwATFif9iflCEEO_fnlg7am06DHH3ZeJ0y3nKEvp2CU8AXkZMkkH5rthVcetpC57QxYVweeSuR61PJDZEoqt89PY1hvTgM9qJ3Ytv5Eti5XOPJOPlzHQ&sds=2&rev=88684&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 04EE 2 KB
1 KB 38ms
37ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 04EE 2 KB
1 KB 38ms
38ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame FD7D 12 KB
6 KB 39ms
34ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H3 200 container.html Show response
bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6935 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:47 GMT
expires: Thu, 03 Oct 2024 22:33:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 93FE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c01b4b21ae795ea053f0828237a68a5426fae41ad301604846d89d69393e3de

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A920 239 KB
63 KB 126ms
124ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR3oSwAPO7oIu_5eAAGDcBrviLPQ4uRMVDoY5w&u=%7CwEhugyb8jFCrt%2F4jFK4Bf6Yc%2BfR%2FU46g%2Bl6zATscC%2FU%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBExYQ9MR0Jvm_bL0lQkEdhsw4FL--jOhcXvZRNo981STF9r2eHLKVNUd2m2-2kkdRX4Yzxgcdg532gOnA9ajJMeqLhe9fgZ4sCCBDJCkCVriXE5IrAXfa6WkrKxDa6A489Nw4aWW4ZryV9W4mpYBEq4d-9oJOw5Ln4UNhdnY0jYxSr5WKxfTzXl_YWhajrFBVXSB7CcSsffMbuOj0KCtMp-2Qv5XeT9HnYR7BNcb8i0NOIJx4-qDfIjZGMydONyROEs3nK4bavzuBHQeqBVs9iuolP8OejSBMoPJR2WTJcEMh2HTIE6Cl9j7B2M8fWAl1lFtpCfLaGE-zFO2rAIUQXMdvYCjC_ReWXdPvrBydHPBti2q17UBMRyFZi_yyNyhh7fCDW-nX-QytX8YlV7QPnx3b8IIAWoezkK3jQkyubbx3USoLAtJsYHRu17cvJVncifvGAKrc08V_NgqC9eRdxwabWbQ0Ic3M5HQ3QWvf9DDwUc1Bxq0A4uJJswDltze96aFXSBLN1IGb_SS3aAmEl63PMCc6nBorgF_Ew8h56uHoi1YTVnmHSlVJrtTC5RF4i0P9dVJwJ8V6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtktHS-gdZbr3PN787_UP8IaGsA7JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgT8AU_Qvow9nbkHAtvW7kjmSlddXlqvIv3e7oHir_xjqFMa34cJ-8bVb9JzGB-pST81-clKfJ5WSbp9rWmk2LW4kmbUwqY0bpYd3gcNp1WlM8_v2H4kpX04YM8NXe2Z8ESvmylrAMxr8j25MDR6R-gD-jXdexp0YL64ukxVUz4SMxEwwCEsqxdCQjfg9JE8IHw_M8NxPhl8DDkQsHb-hcq-_Xg8xX_ZKUduei8IpaKbisg_wboOWvXaJ8IYnyOSFAci2SYu9bUnd6dP0m_hvVhsEc3U3_5gQoRFxBIiMR5jy4a7F3C16ugTYjkCHpFpcOzpR9jJIRGiPc6F8E2oMeAEAYAG59C6h_zX6_pFoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2sbc7QbFlftOPgr-Qy9dW-NshnXw%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f568e8f06d15eb4ea381047197f11c9aac65a0841c5602381376eb25ab240c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:48 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Fg4J4OEHWqTILRb8AE2YJd7tIv_NXHEVlnnxzIRhs12z5g4kNAc0O9oC1VNHTT3u3qcXSEDK4zOaSZi0J17bnQ-5guQZqaiy78RhXlUUFRTSAxpCfhidvyS0GPm_PMZbZi9gMJmtRYjcvFU4Gl1k91X3bebV68Pzf5ncVsSt27R-k1pL99QLSpYKgrXmhsFR5gFnfhcb2WrAyuozTpbUXFMtwat2J6lcdWsayG_imZN2FSV32rV823qBoLvV1RvJ_dF0Cg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 85234368
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 1530 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 18:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 18:58:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 1530 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:43:15 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1530 24 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 489580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Sep 2024 06:34:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1530 187 KB
59 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:33:49 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FD7D 11 KB
11 KB 140ms
59ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=17440&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F17440%2F210816%2F0e691d31ca8749f48506ff5bc49a7052_logo_c-a_black.png&v=3&w=356&rid=4&s=iPWeq0aETQVAeapPYHggYK-P

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b655eefff892b9c7eea8641af1a9d3a9bcccf16e7cf15e81d7b7e849e1346db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11121
expires: Tue, 03 Sep 2024 08:13:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FD7D 7 KB
7 KB 110ms
30ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=17440&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%252Cif_ih_gt_iw%252Cw_700%252Cq_95%252Ce_sharpen%3A70%2Fif_iw_gt_ih%252Ch_700%252Cq_95%252Ce_sharpen%3A70%2Fv1686042609%2F2204795-1-08.jpg&v=3&w=400&rid=4&s=9TJ_8fbiXJQqAzeuu1oUzzQi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c3419b9265a2e9428d879b0da8472d6643a0d7099237da048aca9520fbdfc6be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 7100
expires: Mon, 02 Sep 2024 06:43:53 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FD7D 9 KB
9 KB 183ms
103ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=17440&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_700%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_700%2Cq_95%2Ce_sharpen%3A70%2Fv1695203526%2F2201289-1-01.jpg&v=3&w=400&rid=4&s=72U_n7RIvwt7nigDsx3IBuCh&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

efd50e10300ed11ceff2becf18a1db26004403015d89471153b6a9a2c71b46e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9074
expires: Sun, 15 Sep 2024 12:50:49 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FD7D 4 KB
5 KB 171ms
91ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=17440&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%252Cif_ih_gt_iw%252Cw_700%252Cq_95%252Ce_sharpen%3A70%2Fif_iw_gt_ih%252Ch_700%252Cq_95%252Ce_sharpen%3A70%2Fv1690490165%2F2204743-3-08.jpg&v=3&w=400&rid=4&s=xaxdgi6eLVIsHNxWIWsVNfSA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a6e6fc89b7efb9030b89e1881cebd3143aeb073102aeda079d8ac3b08e8dc22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4534
expires: Thu, 12 Sep 2024 17:04:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FD7D 19 KB
19 KB 160ms
80ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=17440&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%252Cif_ih_gt_iw%252Cw_700%252Cq_95%252Ce_sharpen%3A70%2Fif_iw_gt_ih%252Ch_700%252Cq_95%252Ce_sharpen%3A70%2Fv1689423910%2F2207136-1-08.jpg&v=3&w=400&rid=4&s=EPadXoAlGQY9fx9q9q9tJXgf&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

446479336e22eff9895c8a5045f2dd44e972fb9601eff32ca327b91eeeb81048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 19504
expires: Mon, 02 Sep 2024 19:40:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FD7D 10 KB
10 KB 140ms
60ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=17440&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_700%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_700%2Cq_95%2Ce_sharpen%3A70%2Fv1688469431%2F2204815-3-01.jpg&v=3&w=400&rid=4&s=uwxnKrgsqgGDguHsP8nAHLxe&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f9f6ae79b8b5df7ca05d527f205201fcb1c9743de3b8e095b5be736ce02c2d13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9838
expires: Sun, 22 Sep 2024 04:08:20 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FD7D 6 KB
6 KB 104ms
101ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=17440&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%252Cif_ih_gt_iw%252Cw_700%252Cq_95%252Ce_sharpen%3A70%2Fif_iw_gt_ih%252Ch_700%252Cq_95%252Ce_sharpen%3A70%2Fv1691253749%2F2211365-1-08.jpg&v=3&w=400&rid=4&s=vZbSz3GCFYRtyDddE3dkkVv1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bdad8690fa9c5fdf0852c93a26b3c47d302c9c5c5412466d5fa90edf98e92898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5766
expires: Mon, 02 Sep 2024 19:40:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FD7D 5 KB
5 KB 77ms
74ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=17440&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%252Cif_ih_gt_iw%252Cw_700%252Cq_95%252Ce_sharpen%3A70%2Fif_iw_gt_ih%252Ch_700%252Cq_95%252Ce_sharpen%3A70%2Fv1691423115%2F2207696-4-08.jpg&v=3&w=400&rid=4&s=7Qhim_fUNdzJ0PjCJrXkogrJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3db6509d499f8f093d21b083048c28c78b2e380324342efb7e280b6665954943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4746
expires: Mon, 02 Sep 2024 20:09:15 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FD7D 11 KB
11 KB 82ms
79ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=17440&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%252Cif_ih_gt_iw%252Cw_700%252Cq_95%252Ce_sharpen%3A70%2Fif_iw_gt_ih%252Ch_700%252Cq_95%252Ce_sharpen%3A70%2Fv1686228971%2F2198962-3-08.jpg&v=3&w=400&rid=4&s=vPvHJvpaWwz6GjOzNsX9-3OZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

454baabe1c1683becdb1a4fc158149e7d73cc92cf0eacd0297ed2cf62e235bc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11100
expires: Tue, 03 Sep 2024 15:30:33 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FD7D 7 KB
7 KB 77ms
75ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=17440&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%252Cif_ih_gt_iw%252Cw_700%252Cq_95%252Ce_sharpen%3A70%2Fif_iw_gt_ih%252Ch_700%252Cq_95%252Ce_sharpen%3A70%2Fv1690969868%2F2208554-1-08.jpg&v=3&w=400&rid=4&s=Yp8pusQ5URgGUIe_foHBc_JD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2c182a11ce7f6063ee9102726c50d29f11e24144d86cd22ea592a6c8022aba1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 7046
expires: Mon, 02 Sep 2024 19:43:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FD7D 11 KB
11 KB 94ms
92ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=17440&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%252Cif_ih_gt_iw%252Cw_700%252Cq_95%252Ce_sharpen%3A70%2Fif_iw_gt_ih%252Ch_700%252Cq_95%252Ce_sharpen%3A70%2Fv1693260149%2F2199234-1-08.jpg&v=3&w=400&rid=4&s=7U_urXr8Om3mrzAbAcboiQme&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6390b657c03ba32ed35b2deeddddf631b8ffd44495b067656a14584df8808b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11404
expires: Mon, 02 Sep 2024 19:40:26 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FD7D 32 KB
32 KB 82ms
80ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=17440&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_700%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_700%2Cq_95%2Ce_sharpen%3A70%2Fv1692651459%2F2200684-1-08.jpg&v=3&w=400&rid=4&s=lWbfjgd3WbNjtaQP3vMZ04my&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c0d30d11d664d44fbca26d9a71ee13049727c99476afa2d36a352a960dda48c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 32952
expires: Wed, 18 Sep 2024 04:33:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame FD7D 8 KB
8 KB 92ms
90ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=17440&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_700%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_700%2Cq_95%2Ce_sharpen%3A70%2Fv1692183710%2F2198237-1-01.jpg&v=3&w=400&rid=4&s=1God89HKUdiND7FoRmiO8Knq&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

19dad64fd4d14734b115b97cca899daea6b5b52414f04953cfd97fae49a568c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8292
expires: Sun, 22 Sep 2024 07:01:46 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame FD7D 0
127 B 33ms
33ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=3SFpX-EHWqTILRb8_pAiGoXZxr9MSwOdJ8cvjt5ND_S4wOpY2fkO3A3f82VO93Ep7z-xQ1IHzHWdMO50oi6qNyfpnXNTzfjugGS4eZaTa49JOzDDXrnZPLwcMx-jEsYy_-OrrvQVChox7f2eGzdvFbGnrgkl6zY8HWh1Gc-XQn-eKN2ntRSdVnkp-1rIqQc9MLlEGCZ5uloIN10II5aCVgp1uIwa-tj8eTpF_aXxTHbFaf8xwWOYJFdDdTr8yq9vKNTLZw&sds=2&rev=88731&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame FD7D 2 KB
1 KB 33ms
32ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame FD7D 2 KB
1 KB 33ms
33ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/ Frame 5B3B 380 KB
129 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

743a258e9e16442b04027255b0214ed873724425db7eec597313cd5db9ae7525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131760
x-xss-protection: 0
server: cafe
etag: 1523424873611595178
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:33:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231003/r20190131/ Frame FCB6 10 KB
5 KB 87ms
20ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231003/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 28000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 14:47:09 GMT
etag: 2603938475786422795
expires: Wed, 18 Oct 2023 14:47:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FDC9 0
0 65ms
65ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJUMJSugdZemrLujH7_UP0PKtoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgT5AU_Q_OT3eydrKKOXp2PxpjrxKrQp39aU4cGl2bJ3FmccbbXoAjP23P2afigh0PBX0v4erYvMeM7WNIU7xYKA_40C0T1sr9UDLvP7HXf3UiSzVYA8CHnL-CSJCQ3LsrfPasMq3pSkbCf2RbjWdmeyl9z4XXklJXSqz9ge7NwaZ4LJir_LHWrqBBLEdTmSc3rMeJP5J60NW22Ny4Ik4F7pn60KZRu1um1ByaTYOSsQBcgPT08mgpSWL5QYM3gH7B31Td0NLNGwSm7P9Wbxd_YNKorjXff-6tcW3Y6F85IFuWyIhf9Rhkdfa4JfK_iOYqHhjIJsL9hBet-tj-AEAYAG4sWb_-fpl-0goAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=eQnVDlhZMvg&uach_m=[UACH]&cid=CAQSGwDICaaNblchvfV-Frlxij_rlxVMLfhWOgqTGRgB&cbvp=2&vis=1
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame FDC9 0
126 B 116ms
32ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k5vwFO-uBNgFWp2DYgICAAAAHUL_eV8vfNe13ephhfBvkRBK6B1lNY1QQ9fxzt8cfQAAEgAACgpBUVVEQVFFQkFR&wp=ZR3oSgALlekIu-PoAAt5UEeGD_vaWwKvgVGkQA&cbvp=2

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 134492
server: Kestrel
content-length: 0

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame 8114 37 B
220 B 24ms
21ms Image
image/gif 52.59.78.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=ZR3oSwAH1fUIu_OvAA_1ga_oGYrvdPeecG4X3A&ts=1696458827&aid=40593631857913681604800&ec=5563_66529_OADD2.7284289540934_1IRPT5BB4AESQEE696&n=Gs4CaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MTE3MzAzNzQmYXVJZD00MGFhZmExYy02NmMxLTQwZDEtOTNlYy0xM2M3M2VlYWEwN2QmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPVY1Jm9BZFVuaXQ9MTE3MzAzNzQmcHVibGlzaGVySWQ9MjUwMTUyMjM1JnJJZD00MGFhZmExYy02NmMxLTQwZDEtOTNlYy0xM2M3M2VlYWEwN2QmcnR5cGU9bnVybCZ0YWdJZD0zOTEzNTgmdHJhZmZpY0dyb3VwPWdldmN5cnl2c2dfcGN6JnRyYWZmaWNTdWJHcm91cD10cWNlY25mZiZhaWQ9NDA1OTM2MzE4NTc5MTM2ODE2MDQ4MC04MyZ3cD0wLjAyNfICiQIIABIXNDA1OTM2MzE4NTc5MTM2ODE2MDQ4MDAYACABKLsrMOGHBEABSABQAWASaApwgfshkAEAmAEAqAEAuAEKwAERyAEZ8AGWywz4ARmAAhGRAgAAAAAAAPA%2FmQLXo3A9CtfTP6gCALACAcgCAtgCAPECZmZmZmZm5j%2F4AqU7kAMAmAMAoAMAuAP3zdsByAMA0gMmT0FERDIuNzI4NDI4OTU0MDkzNF8xSVJQVDVCQjRBRVNRRUU2OTbgA6Liyk3pAwAAAAAAAAAA8AMZ%2BQMAAAAAAAAAAIAECIkE16NwPQrX0z%2FABFPQBADaBBk0MDU5MzYzMTg1NzkxMzY4MTYwNDgwMCAx4AQA%2BAIFiAMBkgMEOTg5NZgDAKADvvEXqAMA&b=1
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.59.78.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-78-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 04 Oct 2023 22:33:49 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 r
eb2.3lift.com/ Frame 8114 37 B
139 B 26ms
24ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=Xgcartoon_StandardDisplay_OB&aid=40593631857913681604800&rev=f203c6d&pr=can%27t%2520access%2520top%2520document&bc=0.025&bmid=5563&biid=7589&sid=66529&brid=556417&adid=&crid=162705698&ts=1696458827&bcud=25&ss=5&caid=0&unid=0&domain=bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.xgcartoon.com%252F&rr=creative&fid=18&rb=10&g=0&tmplid=206230&cb=26206
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

c.gif
www.bing.com/aes/ Frame 8114
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=851643c0-5957-4037-ab9c-74b3c57fb800&bidId=15000&bidderId=4&cmExpId=V5&oAdUnit=11730374&publisherId=250152235&rId=40aafa1c-66c1-4...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7a01c2d6a6624f869646da6b3295691b&SNR=1&GV=2&med=10

0
545 B

238ms
237ms

Image
text/plain

2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7a01c2d6a6624f869646da6b3295691b&SNR=1&GV=2&med=10
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5A2227B4FEA243F58758C11464B8C8B2 Ref B: FRA31EDGE0807 Ref C: 2023-10-04T22:33:49Z
x-cdn-traceid: 0.92a12417.1696458829.2992ac26
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 04 Oct 2023 22:33:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 50FB31354B9A4CFCB1FAE6A451441F32 Ref B: MIL30EDGE0906 Ref C: 2023-10-04T22:33:49Z
x-cdn-traceid: 0.92a12417.1696458829.2992ab28
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7a01c2d6a6624f869646da6b3295691b&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame 8114 31 KB
31 KB 188ms
91ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7284289540934_1IRPT5BB4AESQEE696&pid=21.2&c=16&roil=0.0341&roit=0&roir=0.963&roib=1&w=533&h=300&dynsize=1&qlt=90
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b301bb6e4378f763dc4b49cf25046d285584174a095da1e4f7eb5ff884f52be5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.92a12417.1696458829.2992ab29
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 31827
alt-svc: h3=":443"; ma=93600

GET
H2 200 blank
img.3lift.com/ Frame 8114 1 KB
1 KB 76ms
22ms Image
image/png 18.66.122.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.3lift.com/blank?width=533&height=300
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-67.fra60.r.cloudfront.net
Software: /
Resource Hash: 149ac445b3031b272ccd41191a553efbda3a21087db9c6834e014ef24dacbf4e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:19:43 GMT
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
last-modified: Tue, 03 Oct 2023 15:19:43 GMT
x-amz-cf-pop: FRA60-P2
age: 112446
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=604800
alt-svc: h3=":443"; ma=86400
content-length: 1134
x-amz-cf-id: BMvXm_RX-4obgHDDiGF0Kv8VraYcNUYHGNSDE4mQIAOBpiwOTcQkPg==

GET
H3 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 8114 3 KB
3 KB 27ms
26ms Image
image/png 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 05:02:28 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 63082
x-amz-cf-pop: FRA60-P3
etag: "ddf020e069f1706b72b7698b28fede09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3125
x-amz-cf-id: P_NO-8uindfFOGj6qfbNfN1n12fwKoEfTO8nP4MmBNEYF1wcRvvlKQ==

GET
H3 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 8114 3 KB
4 KB 27ms
27ms Image
image/png 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 05:08:50 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 62700
x-amz-cf-pop: FRA60-P3
etag: "7ceab27af00fa466072a3c3360041755"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3518
x-amz-cf-id: iOaxmVewcZH_2ABIWa5K26ORvUYKJsB2-820T8UE0fasO24gRFG_nQ==

GET
H2 200 ctar
eb2.3lift.com/ Frame 8114 37 B
139 B 28ms
28ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=Xgcartoon_StandardDisplay_OB&aid=40593631857913681604800&rev=f203c6d&cta_render_method=2&cta_render_text=Learn%20more&cb=29653
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame 93FE 37 B
220 B 22ms
22ms Image
image/gif 52.59.78.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=ZR3oSgAOKIEIu8BpAA35EStPDcrzZDTP93pSPQ&ts=1696458826&aid=36662797464811365849420&ec=5563_66529_OADD2.8246380733465_1ZHL11XZSXCHNK9RFF&n=GtACaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MTE3MzAzNzQmYXVJZD03MTJkZDlkYi03ODM2LTRiODItOTg3My04NDExYjc2MmQyYjEmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPVY1Jm9BZFVuaXQ9MTE3MzAzNzQmcHVibGlzaGVySWQ9MjUwMTUyMjM1JnJJZD03MTJkZDlkYi03ODM2LTRiODItOTg3My04NDExYjc2MmQyYjEmcnR5cGU9bnVybCZ0YWdJZD0zOTEzNTgmdHJhZmZpY0dyb3VwPWdldmN5cnl2c2dfcGN6JnRyYWZmaWNTdWJHcm91cD16aHZxZnJ5YXJqJmFpZD0zNjY2Mjc5NzQ2NDgxMTM2NTg0OTQyLTgzJndwPTAuMDg08gKFAggAEhczNjY2Mjc5NzQ2NDgxMTM2NTg0OTQyMBgAIAEouysw4YcEQAFIAFABYBJoCnD2OJABAJgBAKgBALgBCsABOsgBVPABkssM%2BAFUgAI6kQIAAAAAAADwP5kC16NwPQrX0z%2BoAgCwAgHIAgLYAgDxAmZmZmZmZuY%2F%2BAKlO5ADAJgDAKADALgDAMgDANIDJk9BREQyLjgyNDYzODA3MzM0NjVfMVpITDExWFpTWENITks5UkZG4APDzcpe6QMAAAAAAAAAAPADVPkDAAAAAAAAAACABAiJBNejcD0K19M%2FwART0AQA2gQZMzY2NjI3OTc0NjQ4MTEzNjU4NDk0MjAgMeAEAPgCBYgDAZIDBDk4OTWYAwCgA77xF6gDAA%3D%3D&b=1
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.59.78.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-78-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 04 Oct 2023 22:33:49 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 r
eb2.3lift.com/ Frame 93FE 37 B
139 B 25ms
24ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=Xgcartoon_StandardDisplay_OB&aid=36662797464811365849420&rev=f203c6d&pr=can%27t%2520access%2520top%2520document&bc=0.084&bmid=5563&biid=7589&sid=66529&brid=7286&adid=&crid=198354627&ts=1696458826&bcud=84&ss=5&caid=0&unid=0&domain=bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.xgcartoon.com%252F&rr=creative&fid=18&rb=10&g=0&tmplid=206226&cb=15705
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

c.gif
www.bing.com/aes/ Frame 93FE
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=47e8ac78-37a6-4609-af5e-1358a5583aa7&bidId=15000&bidderId=4&cmExpId=V5&oAdUnit=11730374&publisherId=250152235&rId=712dd9db-7836-4...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=6132b70b7513455ab1be337ca38d35d1&SNR=1&GV=2&med=10

0
545 B

69ms
69ms

Image
text/plain

2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=6132b70b7513455ab1be337ca38d35d1&SNR=1&GV=2&med=10
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1D3365A735974F0CA466D6B038CD12D0 Ref B: DUS30EDGE0705 Ref C: 2023-10-04T22:33:49Z
x-cdn-traceid: 0.92a12417.1696458829.2992ac28
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 04 Oct 2023 22:33:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2A9D39F2E5BD47F695F036273B01A718 Ref B: MIL30EDGE1510 Ref C: 2023-10-04T22:33:49Z
x-cdn-traceid: 0.92a12417.1696458829.2992ab2d
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=6132b70b7513455ab1be337ca38d35d1&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H3 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 93FE 3 KB
3 KB 25ms
23ms Image
image/png 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/f203c6df764ae3b8c5587fd75a06d8184d33ecb8/dist/bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 05:02:28 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 63082
x-amz-cf-pop: FRA60-P3
etag: "ddf020e069f1706b72b7698b28fede09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3125
x-amz-cf-id: aAGaLcc2tQd4Qr_eak6UdovTBShjHFHW7DH8-YdX46HdGGGSX-9Y0g==

GET
H3 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 93FE 3 KB
4 KB 25ms
24ms Image
image/png 13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/f203c6df764ae3b8c5587fd75a06d8184d33ecb8/dist/bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 05:08:50 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 62700
x-amz-cf-pop: FRA60-P3
etag: "7ceab27af00fa466072a3c3360041755"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3518
x-amz-cf-id: YwIuYqQi5alBoSndxdLAeyUh1glo5gQAOrul1k70FuP-JfNY1ZUmCw==

GET
H2 200 th
www.bing.com/ Frame 93FE 28 KB
28 KB 118ms
39ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.8246380733465_1ZHL11XZSXCHNK9RFF&pid=21.2&c=16&roil=0.1775&roit=0&roir=0.8225&roib=1&w=300&h=300&dynsize=1&qlt=90
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a392 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7c6afb6efd5a58476d4a1afebf786fe0382f59666613b334192926c268136c66

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.92a12417.1696458829.2992ab2c
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 28665
alt-svc: h3=":443"; ma=93600

GET
H2 200 blank
img.3lift.com/ Frame 93FE 908 B
1 KB 57ms
22ms Image
image/png 18.66.122.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.3lift.com/blank?width=300&height=300
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-67.fra60.r.cloudfront.net
Software: /
Resource Hash: e5256bea79dd64abe02ec0b6031a5cf9e93ace05957297b59ffb42e21782297f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 14:51:31 GMT
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
last-modified: Tue, 03 Oct 2023 14:51:31 GMT
x-amz-cf-pop: FRA60-P2
age: 114138
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=604800
alt-svc: h3=":443"; ma=86400
content-length: 908
x-amz-cf-id: XvvouRDwQa_hYHhJ4884Sq_Wk7E9WryJhyOSCKazS2ZPIbLikGpB8A==

GET
H2 200 ctar
eb2.3lift.com/ Frame 93FE 37 B
139 B 25ms
24ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=Xgcartoon_StandardDisplay_OB&aid=36662797464811365849420&rev=f203c6d&cta_render_method=2&cta_render_text=Learn%20more&cb=52133
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6152 135 KB
46 KB 93ms
90ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR3oTAACr1wIu_6bAAPZnb9_o4syyOmZszKi1g&u=%7CwEhugyb8jFDr3HVGyXFdzLdTfDFmH4GeVDqPY90fyjA%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgsEYLRTC0XW27L2_tjl6erqA_RpXvp0RC7XZ7_cIKQqepYZXd-bwIUb37rm72rRyJBaPcqbJw6fP62_7pfxow5glAfKZJrQtWgp6YQMvWjmRkzgg-S-TOyRSbwrM8ec4p9Ll5at910H6tOgyG3oupnqvW7PyG008z4ROTmLMX0M7hDaqOwoGewJeuAk9HW3Zyz2ZDqfjxJvQbh5yYU-eF5Jzwt16UwyWq0fo3Lms0KiD6ZboIMYhQ0lPGlkNAV6xjMkcS7ACNiAAShlS535jJ-X-oODrew2zsMi7ujA-JYK26TkFL328f2-HkdGZKWsQIbO4xrmRdlSyHxfKBdEzAU_MUCeQEna01psQvyABL15JlC97FWe5pFukIcanTQfyvcVn6YEmTXNN8-6bhc9ZYMvzsXhlUGG28aTmeYGIFc9d3IOLGoNWm8cTc4hjdK_uWHeNji3C_a9RatxUT9-4DjjqJEsbUs3OhMtsN2X5SfUUcQ89t6C4MGI6QEM-_AVXTB-m7TBmJNkCPXcKPFcmRtNKsBScKQgn3H_yz8HMNTGPPWApMTSoy-TifwjQ-Y9bC5m45sFjXE_1t0QN4HjWIcJ-Y-BjpvjPkdJAp2ggzkf8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnZgWTOgdZdzeCpv97_UPnbOPsALJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgT9AU_Q4-KTbhJiFecd0V5Wfq79A6tSYPC7At7bPuoRv4LkF7AvFf_apvA5jf5oAnNCIFL93kLFU6i49yYz0fjTmVoGeOxiMcw4QAXxVR-2V7U2CJnOKneqgYW1n0uCf00AzzIQQtXYNWnSGhFT6LzhtIIkFTrCMNVrpJQI-NO0VixUBv3uBNybFYfOdVC2iknlhKBmfUbFRCa6I6YZYXRO5PjFfX9xJJQF_JpJ1GEtxT3mYGb7yhGbSbeYj-Sk1X-OX5djuhU3RYmfVq_mjZhDMVuUHUtBem5Nqmak541mqAH8G0h_JZmLq3tZNQNxlOEBRPPpoIuiDHMUYWPYZRHgBAGABsea89eL-c35a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2AHXRie0DNWr8k_pC-uotiyJlN6g%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bf12194866dcd393d0eac7276df7817a87ac22375547ae418215c47bed1b8fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:48 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Z_-Y3uEHWqTILRb8QtWaruOuKkpWMIahmWPc-gQOs2Zi_rnDOP8N__dFCNw0Si0quWK8zhtOrARhieolvr7UQ1nPNyqnb61oxGBr96pQZugafyVBWHQSXz69AaFJ3wbde7N6hsKvD83ID2Vb6rSRWEF046nhgNpujjo1Hs1FrESeKotNG0tgi8qCQme-sKJ73LvycCAdwRZemeJXjQhejrw1VDxyL7_c2lNOGhoF5-X3Vnf7FlFYr3ApopEY2zRROir8yQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 54421655
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 6935 3 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 18:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 18:58:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 6935 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:43:15 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6935 24 KB
6 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 489580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Sep 2024 06:34:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6935 187 KB
59 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:33:49 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A920 2 KB
1 KB 33ms
33ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR3oSwAPO7oIu_5eAAGDcBrviLPQ4uRMVDoY5w&u=%7CwEhugyb8jFCrt%2F4jFK4Bf6Yc%2BfR%2FU46g%2Bl6zATscC%2FU%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBExYQ9MR0Jvm_bL0lQkEdhsw4FL--jOhcXvZRNo981STF9r2eHLKVNUd2m2-2kkdRX4Yzxgcdg532gOnA9ajJMeqLhe9fgZ4sCCBDJCkCVriXE5IrAXfa6WkrKxDa6A489Nw4aWW4ZryV9W4mpYBEq4d-9oJOw5Ln4UNhdnY0jYxSr5WKxfTzXl_YWhajrFBVXSB7CcSsffMbuOj0KCtMp-2Qv5XeT9HnYR7BNcb8i0NOIJx4-qDfIjZGMydONyROEs3nK4bavzuBHQeqBVs9iuolP8OejSBMoPJR2WTJcEMh2HTIE6Cl9j7B2M8fWAl1lFtpCfLaGE-zFO2rAIUQXMdvYCjC_ReWXdPvrBydHPBti2q17UBMRyFZi_yyNyhh7fCDW-nX-QytX8YlV7QPnx3b8IIAWoezkK3jQkyubbx3USoLAtJsYHRu17cvJVncifvGAKrc08V_NgqC9eRdxwabWbQ0Ic3M5HQ3QWvf9DDwUc1Bxq0A4uJJswDltze96aFXSBLN1IGb_SS3aAmEl63PMCc6nBorgF_Ew8h56uHoi1YTVnmHSlVJrtTC5RF4i0P9dVJwJ8V6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtktHS-gdZbr3PN787_UP8IaGsA7JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgT8AU_Qvow9nbkHAtvW7kjmSlddXlqvIv3e7oHir_xjqFMa34cJ-8bVb9JzGB-pST81-clKfJ5WSbp9rWmk2LW4kmbUwqY0bpYd3gcNp1WlM8_v2H4kpX04YM8NXe2Z8ESvmylrAMxr8j25MDR6R-gD-jXdexp0YL64ukxVUz4SMxEwwCEsqxdCQjfg9JE8IHw_M8NxPhl8DDkQsHb-hcq-_Xg8xX_ZKUduei8IpaKbisg_wboOWvXaJ8IYnyOSFAci2SYu9bUnd6dP0m_hvVhsEc3U3_5gQoRFxBIiMR5jy4a7F3C16ugTYjkCHpFpcOzpR9jJIRGiPc6F8E2oMeAEAYAG59C6h_zX6_pFoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2sbc7QbFlftOPgr-Qy9dW-NshnXw%26client%3Dca-pub-5884294479391638%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame A920 2 KB
1 KB 34ms
34ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A920 308 B
636 B 41ms
40ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A920 293 B
621 B 40ms
40ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame A920 43 B
347 B 42ms
41ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ZK7g8v9DnXeSHZLTuDfH5OQVh3v8PONBD4zXw6SZDriTJP0arrypQPBGKeWiK-hZ2LzmrWjySAjRawbDtgNxk9ySaNm68xibJ_nYiZVVzaFM-CHpDNnJ7Vydw3uxKhm6gTKLoYJDU9QU8TVVWCJ_6UEKoYGgb9D8uLm5CQaURUwhCPyGuG4ysmDnxso437iQssiK1l7EyKmH9LgefO1W15uM6QALSkZZGuslS5QVUqxU5dRQNhIdd6Kgw4VShOzGy6d5k0UfhoTwFYhNtSHBtNFWSoBL5WCrmfFmiqenpXjLY4tozSblAe3U0Ao9IHMp2FY3Y3fAwoPa9O6SRwk5YOz_NdqecOciIeV7RZ7bEtzuY2knJ064yjZnwKHjuZ2xZkFVt-mtGyxiAOmp2djDfn47Nw86_W0-D5p-Tq2bHMB8rWi6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1498900
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A920 12 KB
5 KB 33ms
32ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1811398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yn8k1oIwfMAEOegb13qfNcColsykNVxB%2FaR4Ihb50SQnj6uRspzLFadVQTTevZMSyiXOQ%2FAjUJMkGq9m0dS%2Fk8COi2UzsmHyi0MchB%2FKcI3uSd8%2B6tR0%2By05p0OfGDcpl5mR0Ekr1EyyWb3ZJxqkem7c"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8110e3838b0101f4-ZRH
expires: Mon, 23 Sep 2024 22:33:49 GMT

GET
H3 200 container.html Show response
bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6FA1 6 KB
3 KB 26ms
25ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:47 GMT
expires: Thu, 03 Oct 2024 22:33:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A920 12 KB
6 KB 41ms
39ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CDC9 26 KB
12 KB 279ms
278ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696458828493&bpp=682&bdt=428&idt=946&shv=r20231003&mjsv=m202309291101&ptt=5&saldr=sd&is_amp=1&correlator=583&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1386143446&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44803794%2C44804173&oid=2&pvsid=1972462585347372&tmod=14234105&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w86e1tkc4ww9&fsb=1&dtd=959

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f27ddca50b8d71ac186b4d8199b41614b72d7e651932d00797bffb2410b1916

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12223
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame A920 0
127 B 34ms
33ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Fg4J4OEHWqTILRb8AE2YJd7tIv_NXHEVlnnxzIRhs12z5g4kNAc0O9oC1VNHTT3u3qcXSEDK4zOaSZi0J17bnQ-5guQZqaiy78RhXlUUFRTSAxpCfhidvyS0GPm_PMZbZi9gMJmtRYjcvFU4Gl1k91X3bebV68Pzf5ncVsSt27R-k1pL99QLSpYKgrXmhsFR5gFnfhcb2WrAyuozTpbUXFMtwat2J6lcdWsayG_imZN2FSV32rV823qBoLvV1RvJ_dF0Cg&sds=2&rev=88684&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 04 Oct 2023 22:33:49 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A920 2 KB
1 KB 35ms
34ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A920 2 KB
1 KB 33ms
33ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6152 2 KB
1 KB 33ms
33ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR3oTAACr1wIu_6bAAPZnb9_o4syyOmZszKi1g&u=%7CwEhugyb8jFDr3HVGyXFdzLdTfDFmH4GeVDqPY90fyjA%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgsEYLRTC0XW27L2_tjl6erqA_RpXvp0RC7XZ7_cIKQqepYZXd-bwIUb37rm72rRyJBaPcqbJw6fP62_7pfxow5glAfKZJrQtWgp6YQMvWjmRkzgg-S-TOyRSbwrM8ec4p9Ll5at910H6tOgyG3oupnqvW7PyG008z4ROTmLMX0M7hDaqOwoGewJeuAk9HW3Zyz2ZDqfjxJvQbh5yYU-eF5Jzwt16UwyWq0fo3Lms0KiD6ZboIMYhQ0lPGlkNAV6xjMkcS7ACNiAAShlS535jJ-X-oODrew2zsMi7ujA-JYK26TkFL328f2-HkdGZKWsQIbO4xrmRdlSyHxfKBdEzAU_MUCeQEna01psQvyABL15JlC97FWe5pFukIcanTQfyvcVn6YEmTXNN8-6bhc9ZYMvzsXhlUGG28aTmeYGIFc9d3IOLGoNWm8cTc4hjdK_uWHeNji3C_a9RatxUT9-4DjjqJEsbUs3OhMtsN2X5SfUUcQ89t6C4MGI6QEM-_AVXTB-m7TBmJNkCPXcKPFcmRtNKsBScKQgn3H_yz8HMNTGPPWApMTSoy-TifwjQ-Y9bC5m45sFjXE_1t0QN4HjWIcJ-Y-BjpvjPkdJAp2ggzkf8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnZgWTOgdZdzeCpv97_UPnbOPsALJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgT9AU_Q4-KTbhJiFecd0V5Wfq79A6tSYPC7At7bPuoRv4LkF7AvFf_apvA5jf5oAnNCIFL93kLFU6i49yYz0fjTmVoGeOxiMcw4QAXxVR-2V7U2CJnOKneqgYW1n0uCf00AzzIQQtXYNWnSGhFT6LzhtIIkFTrCMNVrpJQI-NO0VixUBv3uBNybFYfOdVC2iknlhKBmfUbFRCa6I6YZYXRO5PjFfX9xJJQF_JpJ1GEtxT3mYGb7yhGbSbeYj-Sk1X-OX5djuhU3RYmfVq_mjZhDMVuUHUtBem5Nqmak541mqAH8G0h_JZmLq3tZNQNxlOEBRPPpoIuiDHMUYWPYZRHgBAGABsea89eL-c35a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2AHXRie0DNWr8k_pC-uotiyJlN6g%26client%3Dca-pub-5884294479391638%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6152 2 KB
1 KB 34ms
33ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6152 308 B
636 B 34ms
33ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6152 293 B
621 B 35ms
34ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 6152 43 B
347 B 35ms
35ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=nuSwedrNzFNj5t0tqkth2eD6myHlraJVArfKe2keuFkAKsqxTDlpiwtda2lKH0O83PHBkQmykuzR7xas2mQaEbku63-pmNaMiHR6JSnpU188vTzwjZwhfSSTuHCqxcrUOzeotA1CM1XFGyHISBSGK-qsv24F09vX_FLMG6gQCCtiSQEIJLSUVRkcJ3oDdBq1D-TwwUnyTYBuMYxMRtztaQD8QnGMZCsYl1ePhx_SygrjgYqrbAhdihVgMbUrxeuNrOgmKAeXWbsQu6bstyc-reX1BI1UAFfxlh4CJZtgabYcbsBe9F50VDHZh95wXFin-_a3FsSfcbLIRoJLUHBYzYiV_tO-YeK5DJbNj5BvLyohIkdKbzt_WgNpogaL5ZRgI3SqzPfZrBBM_08fl75fFoOa7GBAom6ZEpjI-tQxm7Ijhyhb

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1750840
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9743 0
0 65ms
65ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C2fh5S-gdZdG9C97H7_UPi72_mAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgSAAk_Qncj4H3meEV_wzwCeAXeXtYH4e9D09hQIWkZxDSJyUeQ3t1ge39AcTsNWAs8q57QgzTJPGj6IcBaxvQffuaDPxtQl2X2abhzMQNpOkvXHJdW_xxgNdBW3axeyxFAQIaCCjsBqzfANGSio_3gJoquJUC9QgKE6MhlTNtBsCDN6aPtuJvUSlWh2nagjdcyjIkwVzSlD44rj-e_Dsr1ahxLpRctEq8pcav1wBzmp_GoJhsspJ4TUP7W4uot0wInrULTPP8CxkboRueuYdNVUzEZYorR1V17wtnF8FFYnXR6gmbXll2xk_l-Mfu0D8157w7kpZgTeanUWnyl9IdO3CFXgBAGABufQuof81-v6RaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=8NCmSZGhwZM&uach_m=[UACH]&cid=CAQSGwDICaaNda0XTTMEiLbu2U9J8MsTSAQ6zgsRqRgB&cbvp=2&vis=1
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 9743 0
125 B 31ms
30ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k9_uEtj_CsoH-gGdg2ICAgAAAB1C_3lfL3zXtd3qYYXwb5EQSugdZfZN7QNrRdGF1l8AABIAAAoKQVFVQkFRRUJBUQ&wp=ZR3oSwAC3tEIu-PeAA_ei4h7BIqkMOkV7oivNQ&cbvp=2

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 168917
server: Kestrel
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FDC9 42 B
64 B 95ms
55ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwqbZuxX56KgCjZJ4QMk2TIHyzIU89ZdxSR0mWnGXOP1gyHCZBpLIaDv6p1G--stHFALQUBdUCX2oRPcE5KOl-HvmzRXe8vgMTPEw&sig=Cg0ArKJSzFiEhu3HgvE9EAE&id=lidar2&mcvt=1085&p=0,0,90,728&mtos=1085,1085,1085,1085,1085&tos=1085,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=807729522&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696458827888&rpt=514&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D17E 272 KB
68 KB 186ms
185ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR3oTAAOg9UH_YyzAAsHjhTgrqqxp-tilG1l2w&u=%7C%2FSmEAsPfp0fYPF90H8BwuOBXukDr46wxTVlERoIRa5s%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBExYQ9MR0Jvm_bL0lQkEdhsw4FL--jOhcXvZRNo981STF9r2eHLKVNUfnwh44BWvWD04Cb5r2NQY7T0ESMYtNdDyRVDtavcEk2nZ-A3tsk9W4Ku4aKa7p6mn9_fmY2si2xOQv_Rt9Hj_9ziQTwazNfi-tHUmNjRDmki7RZgnZuMMpyxW9843jy3N5q8qgjZEEsXK-Of24ioDCLdzs1e_SeXpli_SRomOmfpqzRPm48cLccmtUvnBDQ7CULyNNYGbfBzCcRp9LeFBfKUm6gpyfShXwFXRoMc6cvb-pFjPNgxeLrgzgqiDeOhrSAxkGB8LyVLmNv2Xn6NP2zB9Xz2Duunje3t8qBvLWF-1j8NNOXeGCsz-cELMPEsmb2dG7JfQDkg_ZQge_R6kP3FBhQQYoTyQrwIvYEVKz6jaEE7-LfoAeMJJLN_xNjKYTmgvA8RKF871_VDDxaQlXeLRqlhkAcRVpG8A7EGrydqX0ZJk1goyuSfvHVo7-OXKx6bBgqEGPI9VNUqY-ZPafuoR8yyoVEUZC9thfc4G9Z6PZ2Kh-eazaNlP1ZJ7TVUqblqbnZ407sgTi6Zw--TS6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh-AwTOgdZdWHOrOZ9u8Pjo-s6ALJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgT8AU_Qn4cl27WCdDMYblYb_f0-W2HnKqejg8Y4y7b_HH479cWhgchmaWfS9KV_mJpS9vOVyIPJrlJLZWO1Rx0TEK8r6XUBDVRsy91SgKrcNDE61SOcUI3fMaaHpyvseRpTCA8ftYtgZ7jfIEFsQ9h1UPyZ3kZl3vxvy-D5h1xI_aKUTzogTDV4V4RS84sE7yJlACMcLGofVNZoIrTPZm039o98cW9rivj225-hEB78ljSFAv-cNcXNkwbIgKjBQvg2Gw9qfuqGfX942iQcLj4l0lH-2FKdCvKps92Zry6JTQzYsvUB8gx7CU5ipKUTlWL5g7dif65g-Toy0uHvC-AEAYAG59C6h_zX6_pFoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3mHaK3doYzY71ECcd4lCNVC936ng%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

87415b6852b696564d32f56a6b4c8a456f3276f46eda1ef429b36726bd1951f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:48 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Z1WcYeEHWqTILRb8Wq8r7P1zaA2K3NHC0yK3y-7BkyBSXJvON7SCKw1fqOQvBUvBhOp4S2JeyKEYCde5XxC-N0NizAlRRakHrNWaKIEh7osiQ9VnBtV2hmLpbrI8Vy3ImVMcWYf_mLYxkeDtpGM-Pa4rFZXTUgzZtHRAYOAlGghapKXvYgEIWtXelUlQmFaPaLaSMuWWVsBMXFzSWTrDzeQrNbnqvLI40F8r4JkCNmAuktRBG53C-q5etUdjn2yDyMxdTg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 90327011
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 6FA1 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 18:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 18:58:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 6FA1 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:43:15 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6FA1 24 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 489580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Sep 2024 06:34:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6FA1 187 KB
59 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:33:49 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6152 12 KB
5 KB 22ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1811398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhaEeXxpF4arvYl4k%2Bc%2BVtF26AjlZlGrUwFOSJAZk7L4G3fzxoqZQW%2F9pLAL76ZyZXVAwqjhts4HcrROMM8W%2BmPNHW3HPrmigv%2BQ2dGRJM%2BCDVJZVg682%2FhsxnS2SPVo3U%2FSCCPJQpDnHgztkXX%2BX5KY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8110e384ac9824c4-ZRH
expires: Mon, 23 Sep 2024 22:33:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 93FE 2 KB
660 B 77ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/f203c6df764ae3b8c5587fd75a06d8184d33ecb8/dist/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b9ffac16148c8938c6d9f2df28a17207f62a7f92d3401a48a58c0b22f17b0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 21:52:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Oct 2023 22:33:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 93FE 3 KB
1 KB 76ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/f203c6df764ae3b8c5587fd75a06d8184d33ecb8/dist/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 20:43:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Oct 2023 22:33:49 GMT

GET
H2 200 sce
eb2.3lift.com/ Frame 93FE 37 B
139 B 28ms
24ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sce?block=Custom%20Template%20Code&ref=https%3A%2F%2Fbbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&lvl=3&inv_code=Xgcartoon_StandardDisplay_OB&e=Not%20in%20friendly%20iframe
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 aop
eb2.3lift.com/ Frame 93FE 37 B
139 B 27ms
23ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=Xgcartoon_StandardDisplay_OB&aid=36662797464811365849420&rev=f203c6d&pr=can%27t%2520access%2520top%2520document&bc=0.084&bmid=5563&biid=7589&sid=66529&brid=7286&adid=&crid=198354627&ts=1696458826&bcud=84&ss=5&caid=0&unid=0&domain=bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.xgcartoon.com%252F&rr=creative&fid=18&rb=10&g=0&tmplid=206226&cb=51654
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 dr
eb2.3lift.com/ Frame 93FE 37 B
139 B 29ms
25ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/dr?inv_code=Xgcartoon_StandardDisplay_OB&aid=36662797464811365849420&rev=f203c6d&disclosure_render_method=3&disclosure_render_text=Sponsored%20By&cb=26660
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 6935 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dabf274c8558e8b6fd22a47afcc8799086303d28793970e9f955707175e7c3f5

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 8114 2 KB
660 B 35ms
29ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/f203c6df764ae3b8c5587fd75a06d8184d33ecb8/dist/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b9ffac16148c8938c6d9f2df28a17207f62a7f92d3401a48a58c0b22f17b0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 22:11:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Oct 2023 22:33:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8114 3 KB
749 B 36ms
30ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/f203c6df764ae3b8c5587fd75a06d8184d33ecb8/dist/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 21:25:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Oct 2023 22:33:49 GMT

GET
H2 200 sce
eb2.3lift.com/ Frame 8114 37 B
139 B 26ms
24ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sce?block=Custom%20Template%20Code&ref=https%3A%2F%2Fbbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&lvl=3&inv_code=Xgcartoon_StandardDisplay_OB&e=Not%20in%20friendly%20iframe
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 aop
eb2.3lift.com/ Frame 8114 37 B
139 B 26ms
25ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=Xgcartoon_StandardDisplay_OB&aid=40593631857913681604800&rev=f203c6d&pr=can%27t%2520access%2520top%2520document&bc=0.025&bmid=5563&biid=7589&sid=66529&brid=556417&adid=&crid=162705698&ts=1696458827&bcud=25&ss=5&caid=0&unid=0&domain=bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.xgcartoon.com%252F&rr=creative&fid=18&rb=10&g=0&tmplid=206230&cb=98117
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 moatad.js Show response
z.moatads.com/triplelift879988051105/ Frame 8114 325 KB
110 KB 168ms
29ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/triplelift879988051105/moatad.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/f203c6df764ae3b8c5587fd75a06d8184d33ecb8/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6254a92d9d7102ec40d8797116e4c6c3823ce55867797d2c3988399a28dec826

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 10:29:12 GMT
server: AmazonS3
x-amz-request-id: YCAK6ZRD558XRFNS
etag: "44a129810e49343317e4a9c66a7fc66e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=33573
accept-ranges: bytes
content-length: 112617
x-amz-id-2: jC5nCxkCesbDxE6SWdUpnOMwXVgRWN6yNjPpyJgje783nCJFqEgKAr4qDO5TkAKJBbheQ2q6p6Y=

GET
H2 200 tpvpx
eb2.3lift.com/ Frame 8114 37 B
139 B 25ms
24ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/tpvpx?inv_code=Xgcartoon_StandardDisplay_OB&aid=40593631857913681604800&rev=f203c6d&pid=391358&unid=0&vid=1&sr=10&cb=55825
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 dr
eb2.3lift.com/ Frame 8114 37 B
139 B 25ms
25ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/dr?inv_code=Xgcartoon_StandardDisplay_OB&aid=40593631857913681604800&rev=f203c6d&disclosure_render_method=3&disclosure_render_text=Sponsored%20By&cb=64925
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 container.html Show response
bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EF48 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:47 GMT
expires: Thu, 03 Oct 2024 22:33:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6152 12 KB
6 KB 85ms
85ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6152 11 KB
11 KB 68ms
68ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=12230&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F11580%2F4850155%2Ff02493fafdc64946834c68c1ca324ada_logo_n_horizontal_13.png&v=3&w=356&rid=4&s=H19E0BGXtSF59Zhxehnch61E

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3ee6032818561a0ea9db98d97fc57817ed26745d9bda5cfec0705eb0451ee04d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11314
expires: Mon, 02 Sep 2024 02:35:53 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6152 171 KB
171 KB 78ms
77ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=12230&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F11580%2F5006194%2Ff4215884b8a24ae2b714bc5f626078a9_img_square_1.jpg&v=3&w=1200&rid=4&s=Tan-v6w11knplr7JCcgNtNAm

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

04178382da1ab77a8b9a60e7533737f56f192c58731cb377e7bcecdee18bb12c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 175006
expires: Sat, 28 Sep 2024 08:25:23 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6152 6 KB
7 KB 69ms
68ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12230&q=80&r=0&u=https%3A%2F%2Fmedia.walbusch.ch%2Fproducts%2Fwalbusch%2Fimages%2F1441x1922%2FEC43_3264_FA_017.jpg&v=3&w=400&rid=4&s=0Gqg7QFDIc6l1h66Xgp_YutJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f6100eb698d6b70e95b7911d0f90dbb67443b9e1d67ceb01d555312cff03d2d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=371978
timing-allow-origin: *
content-length: 6550
expires: Mon, 09 Oct 2023 00:54:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6152 11 KB
12 KB 69ms
68ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12230&q=80&r=0&u=https%3A%2F%2Fmedia.walbusch.ch%2Fproducts%2Fwalbusch%2Fimages%2F1441x1922%2FEC43_5495_FA_001.jpg&v=3&w=400&rid=4&s=ZmulnjqMYNBoK98FQguEzyHJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

077dc23ba8bb3c830538b2358ee93970e5906464e983e6be6d69aa6b13421bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=296050
timing-allow-origin: *
content-length: 11610
expires: Sun, 08 Oct 2023 05:03:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6152 10 KB
10 KB 69ms
69ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12230&q=80&r=0&u=https%3A%2F%2Fmedia.walbusch.ch%2Fproducts%2Fwalbusch%2Fimages%2F1441x1922%2FEC25_1456_SA.jpg&v=3&w=400&rid=4&s=M-x1m_bTMapAk3x5-0n4rsXX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fb5c66168972643e16bc530f4673f99dbf79ee7591a68346a59d1e72eb2ff36d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=511257
timing-allow-origin: *
content-length: 9986
expires: Fri, 06 Oct 2023 07:28:01 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6152 15 KB
15 KB 70ms
69ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12230&q=80&r=0&u=https%3A%2F%2Fmedia.walbusch.ch%2Fproducts%2Fwalbusch%2Fimages%2F1441x1922%2FEC24_6204_SA.jpg&v=3&w=400&rid=4&s=EryHlMKO0BAseRgVtHsB1-9X&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c5ffc93c78bd3ea8edb8ff1d41eb2d493a6308c459326cc04364ddf752e6ab79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=574786
timing-allow-origin: *
content-length: 15158
expires: Sun, 08 Oct 2023 08:44:45 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6152 0
127 B 72ms
72ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Z_-Y3uEHWqTILRb8QtWaruOuKkpWMIahmWPc-gQOs2Zi_rnDOP8N__dFCNw0Si0quWK8zhtOrARhieolvr7UQ1nPNyqnb61oxGBr96pQZugafyVBWHQSXz69AaFJ3wbde7N6hsKvD83ID2Vb6rSRWEF046nhgNpujjo1Hs1FrESeKotNG0tgi8qCQme-sKJ73LvycCAdwRZemeJXjQhejrw1VDxyL7_c2lNOGhoF5-X3Vnf7FlFYr3ApopEY2zRROir8yQ&sds=2&rev=88684&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 04 Oct 2023 22:33:48 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6152 2 KB
1 KB 65ms
62ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6152 2 KB
1 KB 63ms
62ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 b113c14be1be4dbda4ef71cee8de4dfc_casanspro_regular.woff
static.criteo.net/design/dt/ Frame A920 56 KB
56 KB 75ms
74ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/b113c14be1be4dbda4ef71cee8de4dfc_casanspro_regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ba98e735ce0f8021ed850e1cfd1e5f20049e17ac90b3bea352b04324d045c233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 24 May 2018 07:59:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b0670fe-dec4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EF48 24 KB
6 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 489580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Sep 2024 06:34:09 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame EF48 18 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c670b49aaf4d01332c431f14cb5ad2fb5dd12346575629231b89ebfc5b57437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7891
x-xss-protection: 0
server: cafe
etag: 6532844629672987519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:33:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF48 187 KB
59 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:33:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 93FE 15 KB
16 KB 90ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 00:00:04 GMT
x-content-type-options: nosniff
age: 426825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 00:00:04 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ Frame 93FE 18 KB
18 KB 86ms
26ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 18:17:36 GMT
x-content-type-options: nosniff
age: 533773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Sep 2024 18:17:36 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 93FE 0
0 76ms
72ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CSqnrSugdZYHROOmA7_UPkfK3oA7ukrWTXL-ihcfkBcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJ4AIAqAMByAMCqgSAAk_QdHDiq3lezz9dO1RIRok3C_n0dMYlbOSb7zWwtRcg-I5chnWz0ydCXIXfqGimyx0YR9uAWQ8zNHFNQQCasyah5CbWhVXMaPdz3qqCWZebW3BTsoDuUCiATiF0VtfpXBPlQd-7P0tVeG8juAEBA4XDBxIzE4_LYk9VYI25bui9GIkIEpmuoIHEdBitpe5CQ2UY25lmqGZD7xvg8NMiHxz-Mr3glNDTp-RqBQR80wuMxVYszm2iZYVhervTMDP_asOt5Qz0MpJZUlv5oYXO_xa6eMC5LCZ8JZgJPeEhkvWDJoWaSX6f4KMFsnq-h7ke7GC20hk-yRLqhsmNU12QtuPgBAGABsD60b-WvuiW3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=dG9iNjXE1_k&uach_m=[UACH]&cid=CAQSGwDICaaNV52B2c41QxkMld3-IndrtEQ_Kqd_sRgB&cbvp=2&vis=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 sync Show response
eb2.3lift.com/ Frame C430 37 B
139 B 32ms
16ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=87408
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/f203c6df764ae3b8c5587fd75a06d8184d33ecb8/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Wed, 04 Oct 2023 22:33:49 GMT

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 6152 2 KB
899 B 36ms
35ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame 6152 2 KB
900 B 34ms
34ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D17E 2 KB
1 KB 35ms
33ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZR3oTAAOg9UH_YyzAAsHjhTgrqqxp-tilG1l2w&u=%7C%2FSmEAsPfp0fYPF90H8BwuOBXukDr46wxTVlERoIRa5s%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oU-fBZNObj24EfUS2J5cBExYQ9MR0Jvm_bL0lQkEdhsw4FL--jOhcXvZRNo981STF9r2eHLKVNUfnwh44BWvWD04Cb5r2NQY7T0ESMYtNdDyRVDtavcEk2nZ-A3tsk9W4Ku4aKa7p6mn9_fmY2si2xOQv_Rt9Hj_9ziQTwazNfi-tHUmNjRDmki7RZgnZuMMpyxW9843jy3N5q8qgjZEEsXK-Of24ioDCLdzs1e_SeXpli_SRomOmfpqzRPm48cLccmtUvnBDQ7CULyNNYGbfBzCcRp9LeFBfKUm6gpyfShXwFXRoMc6cvb-pFjPNgxeLrgzgqiDeOhrSAxkGB8LyVLmNv2Xn6NP2zB9Xz2Duunje3t8qBvLWF-1j8NNOXeGCsz-cELMPEsmb2dG7JfQDkg_ZQge_R6kP3FBhQQYoTyQrwIvYEVKz6jaEE7-LfoAeMJJLN_xNjKYTmgvA8RKF871_VDDxaQlXeLRqlhkAcRVpG8A7EGrydqX0ZJk1goyuSfvHVo7-OXKx6bBgqEGPI9VNUqY-ZPafuoR8yyoVEUZC9thfc4G9Z6PZ2Kh-eazaNlP1ZJ7TVUqblqbnZ407sgTi6Zw--TS6&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh-AwTOgdZdWHOrOZ9u8Pjo-s6ALJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgT8AU_Qn4cl27WCdDMYblYb_f0-W2HnKqejg8Y4y7b_HH479cWhgchmaWfS9KV_mJpS9vOVyIPJrlJLZWO1Rx0TEK8r6XUBDVRsy91SgKrcNDE61SOcUI3fMaaHpyvseRpTCA8ftYtgZ7jfIEFsQ9h1UPyZ3kZl3vxvy-D5h1xI_aKUTzogTDV4V4RS84sE7yJlACMcLGofVNZoIrTPZm039o98cW9rivj225-hEB78ljSFAv-cNcXNkwbIgKjBQvg2Gw9qfuqGfX942iQcLj4l0lH-2FKdCvKps92Zry6JTQzYsvUB8gx7CU5ipKUTlWL5g7dif65g-Toy0uHvC-AEAYAG59C6h_zX6_pFoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3mHaK3doYzY71ECcd4lCNVC936ng%26client%3Dca-pub-5884294479391638%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D17E 2 KB
1 KB 35ms
34ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:49 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D17E 308 B
636 B 34ms
34ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 28 Sep 2024 22:33:50 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D17E 293 B
621 B 35ms
35ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 28 Sep 2024 22:33:50 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame D17E 43 B
347 B 36ms
35ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=wBrjsP9DnXeSHZLTuDfH5OQVh3tiLcLfAfEJ3I5G0vT-OyQnYqCbG9wfRnqtoHRs8RHrypgMXsLUsO2IfwkX3wmMbz8rLZPFsFVYL4togpN41lYcptMhXo-isPG0r_Gk77vUpZOXNo73TQxDUzvPt3gaqPj8dL7guZk-XFETHU-vAv5mpfmkQ31mgEOU0vq8hs803k-nlZH1C5jp8l48h1Nh1P843Dyo2hjWwA3QAgNZk9qnBbNNb3WCek379FhA-rItCcqo6gMn2jF-ty2nLIcAGCFSIWYkW9PAJ-xGDR-0PBUOwjQA-THfPbB9vr5xV2sSkf7kl7nl6xaKIh4i4wXgh599yJsXrT0o7lvUc8PYCH088OYNvNMJ30cnfu5O8CuFXYTvbONaImnSBoJJ_JbOu379wEKlxv8cERX1ishe-Tnp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1411133
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CDC9 42 B
63 B 58ms
52ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DAeczZsI1qOBhideFZldf_LARodCniFjvQlaLz0udvm-qe9fJ4uujDHTDpEorEv4tmccRFa47itIkfW7iiUZG43itAf2rWKex3JDTkXY23ufzbW6k

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696458828493&bpp=682&bdt=428&idt=946&shv=r20231003&mjsv=m202309291101&ptt=5&saldr=sd&is_amp=1&correlator=583&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1386143446&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44803794%2C44804173&oid=2&pvsid=1972462585347372&tmod=14234105&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w86e1tkc4ww9&fsb=1&dtd=959

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CDC9 0
20 B 63ms
56ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13411831854284378353&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CDC9 89 KB
31 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:33:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame CDC9 3 KB
1 KB 26ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 18:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 18:58:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame CDC9 20 KB
8 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:43:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CDC9 0
0 94ms
27ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRr7SP2phzpFQ_vkwwVoi9BwNdv9ybzHtz_ZRFW15lt5laHna37tQwfyKQ1LqSB0LL4VE9m4yqMaW7g001BuCO2gA-Xeg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696458828493&bpp=682&bdt=428&idt=946&shv=r20231003&mjsv=m202309291101&ptt=5&saldr=sd&is_amp=1&correlator=583&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1386143446&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44803794%2C44804173&oid=2&pvsid=1972462585347372&tmod=14234105&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w86e1tkc4ww9&fsb=1&dtd=959
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CDC9 187 KB
59 KB 39ms
34ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:33:50 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1530 0
0 73ms
66ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CC0jdS-gdZbr3PN787_UP8IaGsA7JntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgT5AU_Qvow9nbkHAtvW7kjmSlddXlqvIv3e7oHir_xjqFMa34cJ-8bVb9JzGB-pST81-clKfJ5WSbp9rWmk2LW4kmbUwqY0bpYd3gcNp1WlM8_v2H4kpX04YM8NXe2Z8ESvmylrAMxr8j25MDR6R-gD-jXdexp0YL64ukxVUz4SMxEwwCEsqxdCQjfg9JE8IHw_M8NxPhl8DDkQsHb-hcq-_Xg8xX_ZKUduei8IpaKbisg_wboOWvXaJ8IYnyOSFAci2SYu9bUnd6dP0m_hvVhsEc3U3_4iQKXXRIHyDLiz7Fw3N5kR5M8Z1DMsBhPduNFPtWfXDQk691qlGeAEAYAG59C6h_zX6_pFoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=s1V8HrG3Vyk&uach_m=[UACH]&cid=CAQSGwDICaaNnebBUYoduHDAJLUp3l_omgAkrlT3ERgB&cbvp=2&vis=1
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 1530 0
126 B 125ms
33ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k9_uEu2uBKwC2ASdg2ICAgAAAB1C_3lfL3zXtd3qYYXwb5EQS-gdZaSym3juCOEjzVsAABIAAAoKQVFVRER3RUJEdw&wp=ZR3oSwAPO7oIu_5eAAGDcBrviLPQ4uRMVDoY5w&cbvp=2

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 137356
server: Kestrel
content-length: 0

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 6152 16 KB
17 KB 39ms
38ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:50 GMT

GET
H2 200 opensans-700-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 6152 16 KB
16 KB 40ms
39ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-3ff4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:50 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D17E 12 KB
5 KB 26ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1811399
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WWwzoX%2BZrXW6tcvyotpGip9Bq4n18h8tMJvfSdtc7cZQjBLplwTahN9pyNWCYeqGFH8WGGlMOY3bkG7iMt%2BZJflcjqqagLUxZntlLqtJJPGhXUvRSt3Id%2B62%2BqIfSpakx6e4AS40%2B5NurWf4%2BkpaX3F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8110e3893ee924c4-ZRH
expires: Mon, 23 Sep 2024 22:33:50 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D17E 12 KB
6 KB 35ms
35ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:50 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6935 0
0 65ms
65ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cc41ITOgdZdzeCpv97_UPnbOPsALJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgT6AU_Q4-KTbhJiFecd0V5Wfq79A6tSYPC7At7bPuoRv4LkF7AvFf_apvA5jf5oAnNCIFL93kLFU6i49yYz0fjTmVoGeOxiMcw4QAXxVR-2V7U2CJnOKneqgYW1n0uCf00AzzIQQtXYNWnSGhFT6LzhtIIkFTrCMNVrpJQI-NO0VixUBv3uBNybFYfOdVC2iknlhKBmfUbFRCa6I6YZYXRO5PjFfX9xJJQF_JpJ1GEtxT3mYGb7yhGbSbeYj-Sk1X-OX5djuhU3RYmfVq_mjZhDMVuUHUtBOGxsOOY3N7DAeCYml2iWgZesoc1TGxvzICk84gFWvqe6lLmAQYrgBAGABsea89eL-c35a6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=HqPmY4ukFl0&uach_m=[UACH]&cid=CAQSGwDICaaNkJJme5gFjbbgnoL-5-CwohYJSCzTexgB&cbvp=2&vis=1
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 6935 0
125 B 31ms
30ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k6f4Cdj_CsoH-gGdg2ICAgAAAB1C_3lfL3zXtd3qYYXwb5EQTOgdZbazH91pwGa1t-oAABIAAAoKQVFVQkFRRUJBUQ&wp=ZR3oTAACr1wIu_6bAAPZnb9_o4syyOmZszKi1g&cbvp=2

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:49 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 222208
server: Kestrel
content-length: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 586F 478 B
198 B 34ms
33ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjBvYjGATAB&v=APEucNVmTB7zH32m40knOGx8yjmGKgTRlNeNs4TQb6CqZZEct04JA-_a1x9o5S0Faa5eablwyWB2cNEEkxvi_Vz84yHzRj8CRA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696458828493&bpp=682&bdt=428&idt=946&shv=r20231003&mjsv=m202309291101&ptt=5&saldr=sd&is_amp=1&correlator=583&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1386143446&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44803794%2C44804173&oid=2&pvsid=1972462585347372&tmod=14234105&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w86e1tkc4ww9&fsb=1&dtd=959
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:50 GMT
expires: Wed, 04 Oct 2023 22:33:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EF48 0
26 B 60ms
59ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_mT7n1kRxxsGzZE-kRGDZ63Id1qHUMSn6YtWYSjRWYdO2s_W_m3RLZ_F2CsPW-jjlpGdjrxkptKWX2XDoqLBMqvxEic58utrsLajhh2gHYA9aUwH3dn5blOZTmVi4-CwZ333ALlle6xIcExMZrZ8lJODYj7UqlI48A8yjGSmOM783BX8OrZJTdoMAMEviziTcRc5ciJ9Y6OIeDfF26VQaaDgFxtJ5hShLoHVT_va_L31Hf6cqlYA0vrNnI5y1VmO5qqAqGgUdWv2O-DQIgdgRd3OlQfH__hY4B7t2j6ilcwPn9TiifFzXy44MZrvfomdcpHrqLrxo5AOAqd4F8KIC7qwWvpmOEKzt6Xs&sai=AMfl-YT9W23beIk3K-9pmzueBUkccfGAEx9WEEybEUDHgVod_oQe_O0_zcPRjQpStrQL13Z9L7jftllcOY9_eyM&sig=Cg0ArKJSzDgEmCIIqKXvEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 n.js Show response
mb.moatads.com/ Frame 8114 98 B
275 B 302ms
51ms Script
text/html 130.162.160.243
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=3832207788&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-WyMEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-wnHdlqV6USoP6g%3D%3D&sc=1&os=1-iA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=0&qe=0&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRIPLELIFT1&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.xgcartoon.com&lp=https%3A%2F%2Fwww.xgcartoon.com&t=1696458830401&de=741813074988&m=0&ar=45436f5f584-clean&iw=3c7bb66&q=2&cb=0&ym=0&cu=1696458830401&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=3084%3A391358%3Aundefined%3A18&zMoatTactic=undefined&zMoatPixelParams=aid%3A40593631857913681604800%3Bsr%3A10%3Buid%3A0%3B&zMoatOrigSlicer1=5563&zMoatOrigSlicer2=556417&zMoatJS=-&zGSRC=1&gu=https%3A%2F%2Fwww.xgcartoon.com%2F&id=0&ii=3&bo=5563&bd=xgcartoon.com&gw=triplelift879988051105&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A1313&jm=-1&fs=205170&na=110832965&cs=0&ord=1696458830401&jv=1320629411&callback=DOMlessLLDcallback_88250045
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/triplelift879988051105/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 5344f4c3aa4417b63569ffd61baa6c87ccbafea94672486f2f8ed6ca094830d8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:51 GMT
server: istio-envoy
etag: "a61cf89120ae85fb6b23c412f15af0727edcb4f3"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 8
timing-allow-origin: *
content-length: 98

GET
H2 200 pixel.gif
px.moatads.com/ Frame 8114 43 B
251 B 32ms
22ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=TRIPLELIFT1&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.xgcartoon.com&lp=https%3A%2F%2Fwww.xgcartoon.com&t=1696458830401&de=741813074988&m=0&ar=45436f5f584-clean&iw=3c7bb66&q=3&cb=0&ym=0&cu=1696458830401&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=3084%3A391358%3Aundefined%3A18&zMoatTactic=undefined&zMoatPixelParams=aid%3A40593631857913681604800%3Bsr%3A10%3Buid%3A0%3B&zMoatOrigSlicer1=5563&zMoatOrigSlicer2=556417&zMoatJS=-&zGSRC=1&gu=https%3A%2F%2Fwww.xgcartoon.com%2F&id=0&ii=3&bo=5563&bd=xgcartoon.com&gw=triplelift879988051105&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A1313&jm=-1&fs=205170&na=1636782620&cs=0
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:50 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 04 Oct 2023 22:33:50 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 04EE 0
127 B 33ms
33ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 04 Oct 2023 22:33:49 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame D17E 0
127 B 34ms
33ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Z1WcYeEHWqTILRb8Wq8r7P1zaA2K3NHC0yK3y-7BkyBSXJvON7SCKw1fqOQvBUvBhOp4S2JeyKEYCde5XxC-N0NizAlRRakHrNWaKIEh7osiQ9VnBtV2hmLpbrI8Vy3ImVMcWYf_mLYxkeDtpGM-Pa4rFZXTUgzZtHRAYOAlGghapKXvYgEIWtXelUlQmFaPaLaSMuWWVsBMXFzSWTrDzeQrNbnqvLI40F8r4JkCNmAuktRBG53C-q5etUdjn2yDyMxdTg&sds=2&rev=88684&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 04 Oct 2023 22:33:50 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D17E 2 KB
1 KB 33ms
33ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:50 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D17E 2 KB
1 KB 33ms
33ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:50 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame EF48 143 KB
50 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd56207cb22c90bde52904d062583f1dbcd06b2dcff0e03011b3a5376f758f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50696
x-xss-protection: 0
server: cafe
etag: 9626496129743186988
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:33:50 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 586F 170 B
409 B 136ms
67ms Image
image/png 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjBvYjGATAB&v=APEucNVmTB7zH32m40knOGx8yjmGKgTRlNeNs4TQb6CqZZEct04JA-_a1x9o5S0Faa5eablwyWB2cNEEkxvi_Vz84yHzRj8CRA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 586F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG8VbDZkeLf6F7sdsLGB3A&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG8VbDZkeLf6F7sdsLGB3A&google_cver=1&C=1

43 B
337 B

35ms
35ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG8VbDZkeLf6F7sdsLGB3A&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjBvYjGATAB&v=APEucNVmTB7zH32m40knOGx8yjmGKgTRlNeNs4TQb6CqZZEct04JA-_a1x9o5S0Faa5eablwyWB2cNEEkxvi_Vz84yHzRj8CRA
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZTFbeAmWEL4VCxGVm9rcN9PVaH1EJc15wLUwGxx9P12%2BMNxl9DpJUiW4tiI9UDj6RluxkwDaLDo5wpKy4T1YWqZ30VbQ%2BfD3YYQhUwyLxKLqfsxTN%2FGp2Thc0eXSZB96goO9n66Pt2tvA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8110e38e6f480200-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stM0V7DQFbTBgCireBhHRDc2aJkwx7yzLAMXotiFRFfzGLbcdLF2Q0lrUa7rcBvMDJJr2a%2FA%2FGIekZIJb0MWO3AsD02s%2Ftb%2BH%2BNZgmOmFpdFljw%2F6Un8Uj8CSoBeODgGAXcYZnrnna%2FSGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEAG8VbDZkeLf6F7sdsLGB3A&google_cver=1&C=1
cache-control: no-cache
cf-ray: 8110e38e2f010200-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 586F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZR3oT2HkGUjj0U..cXbfcQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG8VbDZkeLf6F7sdsLGB3A&google_cver=1&google_hm=2

43 B
765 B

43ms
43ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG8VbDZkeLf6F7sdsLGB3A&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjBvYjGATAB&v=APEucNVmTB7zH32m40knOGx8yjmGKgTRlNeNs4TQb6CqZZEct04JA-_a1x9o5S0Faa5eablwyWB2cNEEkxvi_Vz84yHzRj8CRA
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FRrJ8Bf1jneZW0sKKBq3RJ3ojlNz2aIk85ezZ0oBTBcB9coY2krcBx9uMtZiojYET4K7HL3Z4dt8fSxMTH2WgIAR4ecAOVifsi9iLmwLqeDZIxhZHsnE26lC00SxRfWApSSTGKWygtwhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8110e38efe6501eb-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG8VbDZkeLf6F7sdsLGB3A&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CDC9 0
20 B 59ms
58ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8434084478424&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CDC9 0
20 B 101ms
100ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8434084478424&version=m202309260101&ct=77&x=1&cor=13411831854284378000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CDC9 16 KB
12 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0k14T1pFDnfhz7ElrCD8efWveQIXgoKbI6_YQoA8cp74ZDYs21O_s1lFtjzs4_7WvLynxOEUBhbG-DdJ5w-qPMYvVBBfg4q1_MJvb1yY5if_-6uJY7CYUjBbNooXRN4ebmgHrKTDmPa6YPL_Q_aX1Clovtq2Gr2o1P2-0OHpt4Spjsd8&cry=1&dbm_d=AKAmf-C1z5FYp4VnWFX3rROtU0OjdwOG9hiwF5XuZxZPc5ZyL9-y63GypLU8Xd50vDDgrVtCbWAWWG-q2rB7aQQRGc2Hn608dXbs5Z7WJmQ1mMretSaSdzYM-qxODNkME6nAHUodKGPrmh20qUzzS4QUGCyBHvU6quotlWhM7imc20pvgP7g86ksDJ-PcwuxklWh-Gj3QnCgeYfpEAzgmivVACqkexXS7XE_b6kt9Wz32blBx9rWYaGfPQ8e-sUvXd9j1Yuq4gLYkuAOMsU_AccJBGWzqO0J2mfAwE-V3IdQhuacZ07wRypJFHAWyD5rr5hvsfLvDGof9c0kj4S6icrkk3-mDSjCYCssyWEME6KJGAj4i3xN72IUG4kRbEcCK4JVfPL1zE6vB7H8fU44G6c82shLfLIMp31dNn0PcPzW1eA3JBHR50blqtGmoo7wy4SLnx4vgxLZByFdJdzmi9StW-swAuZ82C_zaIbqcP5DXa5zuuNg4miXKBFDM0rVKwki_LmPksf7TEJTFxJlAP1A2XZS6SJakYnfM7Jawr0_3-kp1tj28NeUzEIuto_kGpTni80ucVrt4IotE--SNobxZWqDinzLidXcE83rsyNJDPKLOvIHqSQ0nfmmzM8aX8Xje94IERAE4QXI4rMf1vBoEXppyg_TcMU4ffYrqPamscsYYSfWqjYoCD9CepmkLz6oamEfxrkJEIkXI0bd4ZmsPI8oLFYPSMpA_8NPoD2gW1zxI5RVMyuxFBuEyQDmPfST_dq5RuRSK2Ggsc9xjnE0JYA0HJwcUfTepG0DSK_4mFzZQ7s3GqQ6_KEgh3vYsieGnKxt5P1O01s2P5EcGafyl4hQRoMzncKSgkD12y6q8M46lZsy0tqaZIWzgL4Q9GzQ3y1CnRkrDzL2zixFmN2Ze4qSAUIkHfHZDfQ-_a7YfYS0suj3ti-LlOCzXG0mcY-gU4eR_CsFWrEVDy28P3G3c9KoGApUXvWsqZCrIn41ew2FoRmzROQcmkmPW3jUlJyh3fw5omrdB2D3mD7u8zhMJ8VXm4hHoZ-XRPeHzmsKOJIfloIkzxtmrT1oBEuGpFY3SKuALB-1ZDzxtSC9TdB2Jr7QHcwmimZoB1bunIT3R7OYk_gFrHaWTwFCo9ZMIafgpnWVTYZ-8dR-my3p3HRvoPiL5klQmQiCZmkstQXbg2tAaxXO99FO0uMEhT4NTU_iS9w1moijMkrUhT5kHOhALBqha8LQ5Lo_Zj5yjyie6mxPqIhaISNgxQQKZaYyGWFZG1VR18z2-MOwTYHalHDVuKY6MX97vFv--ne5rlgIgvg-ztm5x4PR1GWEdIAUecq1X_hP1hqOPVunehH0K7tjnbIjGXM3bPYH-NagpXoQnwSIU-kJ7jKhS2ceyvpQJh3K79KRNUMYhZ9bUSm7L97ouEhST7aZdbieIDbWJYR5irNfLOqcrxO8BFICsswERI9wZ-GkJ13e6K1cUr2OcrMXtdCtNTUUSoqwhyRXT4x7aUHTljUlZcQZK4hhbmC5nR6_g-X8Y6sIb7uMovXlAUfopzuhrxedEp4CK020UQPGwfVI9x3GQsHAabLmKX2aJ8s3xxL1D3qBt-yYp_pgzKPH7_q_JYqWJOTO0gkmli6m7Awk5mJNVqn1EnaQHtHk7GspAKEj9r-aQJYTyRV5B0n9DTRShEEjfktwETeYZ_VwJSxqY623K2rwhqpYDtd0VWsdKGfTlhQAF3gk9IRT7SmnGhsJLGj_T4b8TicdQ4jyAb_bs5zl5hy_z4vBaxbaRQ1OlWIamRluYSQZW6hmcPhEPBoV1Q-0pxgwT3KfDr5JyG9TKco3C_Hnrk8haHdI_OdL82EujBJpS3zRLZa3oTLZVJiMndae2BiKhIdViI1Bkd2-Cn5sleW2PUf_jjA8Wju2Ss137Nb_sOkW1nPrZxXsyskRZoCnDTcor2SWbrnPxZWALAtL632e4Dt7bw_PIRL_J-5oULATma_Xz9yRbdgJ6B9jS6v54zpM7d01wAtWtGMmpFO1Gp0GQUeU8rRcWkUqsrFvgQIR5xfcQzVaqUu4EFGeB70n0U4e2JSnbbxQUlfS8pGwplyfj7pDJm-dOLqLEfJSGKWz7Ih4Bs_VNtxJt1i7gnVCuakHt1j2Yie5IEI-WWZHGJcgrDX8gU3tov_87jCsGzyQg2v727n_jnfIv3W7xxbHlb6JAaoAXgBIU3Keir9qfWhlNmml6V04Xl3IVUm3QpRbGUpvoaWM9ZW5qM3VGQUIEBCX11eKonAEXCmQRrg9PKHFC5H3PxBCv58i4PPW2sXAKnlzp3bRmOfnC56GUxqp6diBZQ9xnEsF4MFeCWZrPI9Oz0w4YiJQdPPeC_fPKoI5WDA5R70GpdgXeEVYSLW22Jrd52fV0fB6uT033c9jptV31W6Bo5RJCmrh_dEnLPiNsMzBLnUzyUDW5JMXrwG5nEQrh2qEyOTb1eqdvOZ1EsvmYWNg3cue0wJ1rwwp1856k_c8DyK4Kyy8d6mtc0lx4V4pPEMkMe65ezfCiTUzpbMnBUnncxpRtnMrU3pznmtR6RhShGL1yck-Ax-lEKDaC3PvmABJr-Kf99yVSdmPGrVrbgFgoqIBGlAY6L_AUGaINXOJtpAbHtrxcqPLnY6lqGUAc1gV-6rqZ4qtUrg8dNld7b6gCroMoSV1aveRWzAaf9QukjWFToFyHeQmj0NDGyAo6uKkLXR9lvRjoIh8NDfr10sW71yMLL7kGV15VNOk5YVlQ-_7pkmD3E20tE0AqyfrF6quZTBg0HQaN57ON5nQCDTYExZCfyM_54Eu9PtWANuqz21v_aLMo2nc6FHWu2O6CcwGY5XGnEfC_ydiHaW7_H4EqJcQy9UsYlxtre2c2Gvgit17qqwtesBM2yTf06NQDogMsCcMVPA0abtHbz-trynrIk2cMJyUzl8p7MidNmjaxH1hKXW4WXma110eRK4ItT73A3OBGkA0S9JauoCNs5ltnKxdOtm_4VZexJKcDZDU-2JJhSkNhc5u2rUpL_w6YyAFzoOkDM34KsOwGrkR8DvetCApRvLrJS-eCz60coCVzBjNzmX3-1iKkdL2Mphg8Roq0qn3yhkX0F5Ls2Q5J0MpxMy7qLfeCHvB68S5DP423W-3HA6Nl5aKo-65E51XKhtJxQJqElfCOkmHHTey16iq64SCvOypjeCFKRckrhBW7Z1vvv5MmEai0ZEmTSWaTFzvg_QGdsy6rp5p-fVHVNjyBS3K03MEqwJ1B6iWWgFgYu6mBTKFJAJ-9zXpy2FUPTkvEyJVnR-dlKXCwOB8C6qIzaH3OmPNkDLLcG5gp1bd9hcpj0N7RDkFWxs9O8r5kiUAaJdaJF3p6Tm7yW3j5LMhmCephtDvJps0S_su5k9JbggiIX2Auj0W8BqkxdZfkeOsc7KRoGArfcxOaZ86SP1qSfYxF9_WyvNNY5z7s4EFjkMNFDDm1pRYAdn0Ipl9nRJshl1vegVdpEC0LcaCnUKC7tXNEVo7sEXvpXT5A7ntKQQ0QVgzXGn9RGFzpeCVKWbGH8WyXofnj1KSYvpLbNjb-pIdbGo-u0J-EShK0ddKF2qLMOlPQESTJwtItdyL30KhwH-qA6xcnyBhgrORpbAHhdk5EKrFJyZiZIF67pIHjN7_76RK-8u0Mh80wTb3QbQpqtmO5xZDypZMf4w&cid=CAQSKQDICaaNmHPrtjMbpsgF3AfUL68A0yviSfyaRjV1Jym4KM67POUav2BtGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=13411831854284378000&adk=3522027986&idt=306&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11dcf6ceae5953e3d8d5f53fe1142a1ccda98aa32656e429f3571249447b2672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696458828493&bpp=682&bdt=428&idt=946&shv=r20231003&mjsv=m202309291101&ptt=5&saldr=sd&is_amp=1&correlator=583&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1386143446&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44803794%2C44804173&oid=2&pvsid=1972462585347372&tmod=14234105&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w86e1tkc4ww9&fsb=1&dtd=959
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12268
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b113c14be1be4dbda4ef71cee8de4dfc_casanspro_regular.woff
static.criteo.net/design/dt/ Frame D17E 56 KB
56 KB 55ms
48ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/b113c14be1be4dbda4ef71cee8de4dfc_casanspro_regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ba98e735ce0f8021ed850e1cfd1e5f20049e17ac90b3bea352b04324d045c233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 24 May 2018 07:59:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b0670fe-dec4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Sep 2024 22:33:50 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ Frame EF48 389 KB
132 KB 63ms
57ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078488

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7dbe7cc7b44665d8eed2a0887a127572526738f11b68471e18a403ef52ad79ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135148
x-xss-protection: 0
server: cafe
etag: 11116063902700907363
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:33:51 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame CDC9 41 KB
14 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0k14T1pFDnfhz7ElrCD8efWveQIXgoKbI6_YQoA8cp74ZDYs21O_s1lFtjzs4_7WvLynxOEUBhbG-DdJ5w-qPMYvVBBfg4q1_MJvb1yY5if_-6uJY7CYUjBbNooXRN4ebmgHrKTDmPa6YPL_Q_aX1Clovtq2Gr2o1P2-0OHpt4Spjsd8&cry=1&dbm_d=AKAmf-C1z5FYp4VnWFX3rROtU0OjdwOG9hiwF5XuZxZPc5ZyL9-y63GypLU8Xd50vDDgrVtCbWAWWG-q2rB7aQQRGc2Hn608dXbs5Z7WJmQ1mMretSaSdzYM-qxODNkME6nAHUodKGPrmh20qUzzS4QUGCyBHvU6quotlWhM7imc20pvgP7g86ksDJ-PcwuxklWh-Gj3QnCgeYfpEAzgmivVACqkexXS7XE_b6kt9Wz32blBx9rWYaGfPQ8e-sUvXd9j1Yuq4gLYkuAOMsU_AccJBGWzqO0J2mfAwE-V3IdQhuacZ07wRypJFHAWyD5rr5hvsfLvDGof9c0kj4S6icrkk3-mDSjCYCssyWEME6KJGAj4i3xN72IUG4kRbEcCK4JVfPL1zE6vB7H8fU44G6c82shLfLIMp31dNn0PcPzW1eA3JBHR50blqtGmoo7wy4SLnx4vgxLZByFdJdzmi9StW-swAuZ82C_zaIbqcP5DXa5zuuNg4miXKBFDM0rVKwki_LmPksf7TEJTFxJlAP1A2XZS6SJakYnfM7Jawr0_3-kp1tj28NeUzEIuto_kGpTni80ucVrt4IotE--SNobxZWqDinzLidXcE83rsyNJDPKLOvIHqSQ0nfmmzM8aX8Xje94IERAE4QXI4rMf1vBoEXppyg_TcMU4ffYrqPamscsYYSfWqjYoCD9CepmkLz6oamEfxrkJEIkXI0bd4ZmsPI8oLFYPSMpA_8NPoD2gW1zxI5RVMyuxFBuEyQDmPfST_dq5RuRSK2Ggsc9xjnE0JYA0HJwcUfTepG0DSK_4mFzZQ7s3GqQ6_KEgh3vYsieGnKxt5P1O01s2P5EcGafyl4hQRoMzncKSgkD12y6q8M46lZsy0tqaZIWzgL4Q9GzQ3y1CnRkrDzL2zixFmN2Ze4qSAUIkHfHZDfQ-_a7YfYS0suj3ti-LlOCzXG0mcY-gU4eR_CsFWrEVDy28P3G3c9KoGApUXvWsqZCrIn41ew2FoRmzROQcmkmPW3jUlJyh3fw5omrdB2D3mD7u8zhMJ8VXm4hHoZ-XRPeHzmsKOJIfloIkzxtmrT1oBEuGpFY3SKuALB-1ZDzxtSC9TdB2Jr7QHcwmimZoB1bunIT3R7OYk_gFrHaWTwFCo9ZMIafgpnWVTYZ-8dR-my3p3HRvoPiL5klQmQiCZmkstQXbg2tAaxXO99FO0uMEhT4NTU_iS9w1moijMkrUhT5kHOhALBqha8LQ5Lo_Zj5yjyie6mxPqIhaISNgxQQKZaYyGWFZG1VR18z2-MOwTYHalHDVuKY6MX97vFv--ne5rlgIgvg-ztm5x4PR1GWEdIAUecq1X_hP1hqOPVunehH0K7tjnbIjGXM3bPYH-NagpXoQnwSIU-kJ7jKhS2ceyvpQJh3K79KRNUMYhZ9bUSm7L97ouEhST7aZdbieIDbWJYR5irNfLOqcrxO8BFICsswERI9wZ-GkJ13e6K1cUr2OcrMXtdCtNTUUSoqwhyRXT4x7aUHTljUlZcQZK4hhbmC5nR6_g-X8Y6sIb7uMovXlAUfopzuhrxedEp4CK020UQPGwfVI9x3GQsHAabLmKX2aJ8s3xxL1D3qBt-yYp_pgzKPH7_q_JYqWJOTO0gkmli6m7Awk5mJNVqn1EnaQHtHk7GspAKEj9r-aQJYTyRV5B0n9DTRShEEjfktwETeYZ_VwJSxqY623K2rwhqpYDtd0VWsdKGfTlhQAF3gk9IRT7SmnGhsJLGj_T4b8TicdQ4jyAb_bs5zl5hy_z4vBaxbaRQ1OlWIamRluYSQZW6hmcPhEPBoV1Q-0pxgwT3KfDr5JyG9TKco3C_Hnrk8haHdI_OdL82EujBJpS3zRLZa3oTLZVJiMndae2BiKhIdViI1Bkd2-Cn5sleW2PUf_jjA8Wju2Ss137Nb_sOkW1nPrZxXsyskRZoCnDTcor2SWbrnPxZWALAtL632e4Dt7bw_PIRL_J-5oULATma_Xz9yRbdgJ6B9jS6v54zpM7d01wAtWtGMmpFO1Gp0GQUeU8rRcWkUqsrFvgQIR5xfcQzVaqUu4EFGeB70n0U4e2JSnbbxQUlfS8pGwplyfj7pDJm-dOLqLEfJSGKWz7Ih4Bs_VNtxJt1i7gnVCuakHt1j2Yie5IEI-WWZHGJcgrDX8gU3tov_87jCsGzyQg2v727n_jnfIv3W7xxbHlb6JAaoAXgBIU3Keir9qfWhlNmml6V04Xl3IVUm3QpRbGUpvoaWM9ZW5qM3VGQUIEBCX11eKonAEXCmQRrg9PKHFC5H3PxBCv58i4PPW2sXAKnlzp3bRmOfnC56GUxqp6diBZQ9xnEsF4MFeCWZrPI9Oz0w4YiJQdPPeC_fPKoI5WDA5R70GpdgXeEVYSLW22Jrd52fV0fB6uT033c9jptV31W6Bo5RJCmrh_dEnLPiNsMzBLnUzyUDW5JMXrwG5nEQrh2qEyOTb1eqdvOZ1EsvmYWNg3cue0wJ1rwwp1856k_c8DyK4Kyy8d6mtc0lx4V4pPEMkMe65ezfCiTUzpbMnBUnncxpRtnMrU3pznmtR6RhShGL1yck-Ax-lEKDaC3PvmABJr-Kf99yVSdmPGrVrbgFgoqIBGlAY6L_AUGaINXOJtpAbHtrxcqPLnY6lqGUAc1gV-6rqZ4qtUrg8dNld7b6gCroMoSV1aveRWzAaf9QukjWFToFyHeQmj0NDGyAo6uKkLXR9lvRjoIh8NDfr10sW71yMLL7kGV15VNOk5YVlQ-_7pkmD3E20tE0AqyfrF6quZTBg0HQaN57ON5nQCDTYExZCfyM_54Eu9PtWANuqz21v_aLMo2nc6FHWu2O6CcwGY5XGnEfC_ydiHaW7_H4EqJcQy9UsYlxtre2c2Gvgit17qqwtesBM2yTf06NQDogMsCcMVPA0abtHbz-trynrIk2cMJyUzl8p7MidNmjaxH1hKXW4WXma110eRK4ItT73A3OBGkA0S9JauoCNs5ltnKxdOtm_4VZexJKcDZDU-2JJhSkNhc5u2rUpL_w6YyAFzoOkDM34KsOwGrkR8DvetCApRvLrJS-eCz60coCVzBjNzmX3-1iKkdL2Mphg8Roq0qn3yhkX0F5Ls2Q5J0MpxMy7qLfeCHvB68S5DP423W-3HA6Nl5aKo-65E51XKhtJxQJqElfCOkmHHTey16iq64SCvOypjeCFKRckrhBW7Z1vvv5MmEai0ZEmTSWaTFzvg_QGdsy6rp5p-fVHVNjyBS3K03MEqwJ1B6iWWgFgYu6mBTKFJAJ-9zXpy2FUPTkvEyJVnR-dlKXCwOB8C6qIzaH3OmPNkDLLcG5gp1bd9hcpj0N7RDkFWxs9O8r5kiUAaJdaJF3p6Tm7yW3j5LMhmCephtDvJps0S_su5k9JbggiIX2Auj0W8BqkxdZfkeOsc7KRoGArfcxOaZ86SP1qSfYxF9_WyvNNY5z7s4EFjkMNFDDm1pRYAdn0Ipl9nRJshl1vegVdpEC0LcaCnUKC7tXNEVo7sEXvpXT5A7ntKQQ0QVgzXGn9RGFzpeCVKWbGH8WyXofnj1KSYvpLbNjb-pIdbGo-u0J-EShK0ddKF2qLMOlPQESTJwtItdyL30KhwH-qA6xcnyBhgrORpbAHhdk5EKrFJyZiZIF67pIHjN7_76RK-8u0Mh80wTb3QbQpqtmO5xZDypZMf4w&cid=CAQSKQDICaaNmHPrtjMbpsgF3AfUL68A0yviSfyaRjV1Jym4KM67POUav2BtGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=13411831854284378000&adk=3522027986&idt=306&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 601334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Sep 2024 23:31:37 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6FA1 0
0 65ms
64ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWx5dTOgdZdWHOrOZ9u8Pjo-s6ALJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpApogfz3PnrE-4AIAqAMByAMCqgT5AU_Qn4cl27WCdDMYblYb_f0-W2HnKqejg8Y4y7b_HH479cWhgchmaWfS9KV_mJpS9vOVyIPJrlJLZWO1Rx0TEK8r6XUBDVRsy91SgKrcNDE61SOcUI3fMaaHpyvseRpTCA8ftYtgZ7jfIEFsQ9h1UPyZ3kZl3vxvy-D5h1xI_aKUTzogTDV4V4RS84sE7yJlACMcLGofVNZoIrTPZm039o98cW9rivj225-hEB78ljSFAv-cNcXNkwbIgKjBQvg2Gw9qfuqGfX942iQcLj4l0lH-2FLfCNM7M05JkohZatZUkhyl_Ctxv0RMvCenXV9fcQh8U7b4M64SO-AEAYAG59C6h_zX6_pFoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=V9dLKChEJ8s&uach_m=[UACH]&cid=CAQSGwDICaaN4p74MdoWdtLV3c_vK9p36AomAY1CYBgB&cbvp=2&vis=1
Requested by: Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 6FA1 0
125 B 84ms
83ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k9_uEu2uBKwC2ASdg2ICAgAAAB1C_3lfL3zXtd3qYYXwb5EQTOgdZcHk0Uw9QNyHBIUAABIAAAoKQVFVREFRRUJBUQ&wp=ZR3oTAAOg9UH_YyzAAsHjhTgrqqxp-tilG1l2w&cbvp=2

Requested by

Host: bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:50 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 122989
server: Kestrel
content-length: 0

GET
H/1.1 200
OK ykuzho0n7xq0 Show response
hal9000.redintelligence.net/zone/ Frame CDC9 11 KB
4 KB 114ms
27ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/ykuzho0n7xq0?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYlbdTegdZZ2yHr-e78EPm4-emAORwdCbabvpg5LcD_AuEAEg08vOMGD1lc6B4ATIAQmpApogfz3PnrE-qAMByAObBKoE6gFP0C-PwH-Eyp8hGmN5-ZfOHK-zG8NpLXHzWRCzlYAQZcYj4H7rDcNRqV2sRdzJ8cwYY2B0E32dsqcG4JEV5QI88AircMNGi1L_Eyqgf1IcunPsUREDMacTq4htu2ustZBuyVecz4hMd0DKIH4R4K0nhX7-1XUOS7wVMl4Wrgyc2QKXPeo34uAB90ljG6NndNt13eHWGdzxU32CAzIkB-6D60_BknGC6X2pF3BRHwAY7Wo_l-YCsslij34Q-sQyVIh5V7K92V35K9sTMVq_AqDCL6hasAjj9K1fyIGisUKnNBSfms24emmMqNTABPrGi478A-AEA4gFwd6i-D2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI3Yyiz7ndgQMVP887Ah2bhwczEAEYASAAEgJAHfD_BwE%26num%3D1%26cid%3DCAQSKQDICaaNmHPrtjMbpsgF3AfUL68A0yviSfyaRjV1Jym4KM67POUav2BtGAE%26sig%3DAOD64_07a6ywXoqTQKrw8wMOqhUaSAFgPw%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Bx59cMV7nTr48fAxfzd6kj4JrGFzzUemZWCnjFejeArzDSnKeYGBf7krmbPaGiqv5JkXpJCz8dbb9xcdGfzA9bGCv1BpDGK1ZCy0QJnpYVv-e8lRXdykuRTcIkkWsqbhr82IvhA8lb8cHZq1Xdrs6Z1tsXTqC0vUnthPTdnBFGNOVRO7k%26cry%3D1%26dbm_d%3DAKAmf-AwM9Y1fhZPkV2uPcBUxDoWUSz3AaLLcuvAcRXkugqLP-wX-LeJJsTMSaAkq2t-rmN0_5ejayVjI9qGY4T637YEUp2e47iq4YuUGesHKz1aTUjQEOoYL258WN8CTFWImSgWUVJgg0Ee8yXUa8sp6jsDkuEb9PUTaB4oWC_lEjmLHFugYh73iSsZt77EJLOsect3r2sgQOTB2f5JwwC-_51tZ5onfOc6fvd30dygQvyrncoa8RokDPwZbsdJwAThvpKf1kkLgoMbrJoRyv79yHM8hDBLx1JFFkzFqqDH9Ie1iLP1SWoI5Wwk62B7rUdB39KjQ8vpvrQtddDoM-_n20_KGuyMKBnZkTp0OqQV2hulxlIaxb8BxLfiC74cm4D74ECxpOXPYT6-pGsYCdQ6S-Ocka3MPcXWLdFv06JeodjYPK0WwZwVwkVysOMSHD7_Dm8Roh9RKvXAzix5oPEWJjLVyUK2wV8SI2p0ntjMM7G_wMosgsrviLALUSwpQv2VUQPI2FKRkwOakqXg9wduYfOAAlibovVNj3aplrkQ0wfUsghq8Pc%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696458828493&bpp=682&bdt=428&idt=946&shv=r20231003&mjsv=m202309291101&ptt=5&saldr=sd&is_amp=1&correlator=583&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1386143446&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44803794%2C44804173&oid=2&pvsid=1972462585347372&tmod=14234105&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w86e1tkc4ww9&fsb=1&dtd=959
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: eff3882abc295c20136dfc1e274929f93a39646f120f29131163116f4204e5c1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 04 Oct 2023 22:33:51 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4133
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6D24 38 KB
13 KB 21ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 233361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 05:44:30 GMT
expires: Tue, 01 Oct 2024 05:44:30 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8E64 23 KB
11 KB 424ms
423ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696458830860&bpp=110&bdt=1173&idt=253&shv=r20231003&mjsv=m202310020101&ptt=5&saldr=sd&is_amp=1&correlator=583&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1386143446&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42532335%2C31078488%2C21065724&oid=2&pvsid=3560551974905802&tmod=1630890057&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.go2hh5yilrbg&fsb=1&dtd=269

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

665e6612bce3d11ac04fa07d0ac8955f40a77c7ec32dd20781e5b2d4318fd5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 10893
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900030.redintelligence.net/ Frame CDC9
Redirect Chain

https://hal900030.redintelligence.net/request.php?zone=ykuzho0n7xq0&nw=20&renderingType=javascript&namespace=a1e2f78d1f&subid=&uid=ad0aa20d535ee8b7&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900030.redintelligence.net/request.php?zone=ykuzho0n7xq0&nw=20&renderingType=javascript&namespace=a1e2f78d1f&subid=&uid=ad0aa20d535ee8b7&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
937 B

212ms
161ms

Script
application/x-javascript

136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request.php?zone=ykuzho0n7xq0&nw=20&renderingType=javascript&namespace=a1e2f78d1f&subid=&uid=ad0aa20d535ee8b7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYlbdTegdZZ2yHr-e78EPm4-emAORwdCbabvpg5LcD_AuEAEg08vOMGD1lc6B4ATIAQmpApogfz3PnrE-qAMByAObBKoE6gFP0C-PwH-Eyp8hGmN5-ZfOHK-zG8NpLXHzWRCzlYAQZcYj4H7rDcNRqV2sRdzJ8cwYY2B0E32dsqcG4JEV5QI88AircMNGi1L_Eyqgf1IcunPsUREDMacTq4htu2ustZBuyVecz4hMd0DKIH4R4K0nhX7-1XUOS7wVMl4Wrgyc2QKXPeo34uAB90ljG6NndNt13eHWGdzxU32CAzIkB-6D60_BknGC6X2pF3BRHwAY7Wo_l-YCsslij34Q-sQyVIh5V7K92V35K9sTMVq_AqDCL6hasAjj9K1fyIGisUKnNBSfms24emmMqNTABPrGi478A-AEA4gFwd6i-D2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI3Yyiz7ndgQMVP887Ah2bhwczEAEYASAAEgJAHfD_BwE%26num%3D1%26cid%3DCAQSKQDICaaNmHPrtjMbpsgF3AfUL68A0yviSfyaRjV1Jym4KM67POUav2BtGAE%26sig%3DAOD64_07a6ywXoqTQKrw8wMOqhUaSAFgPw%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Bx59cMV7nTr48fAxfzd6kj4JrGFzzUemZWCnjFejeArzDSnKeYGBf7krmbPaGiqv5JkXpJCz8dbb9xcdGfzA9bGCv1BpDGK1ZCy0QJnpYVv-e8lRXdykuRTcIkkWsqbhr82IvhA8lb8cHZq1Xdrs6Z1tsXTqC0vUnthPTdnBFGNOVRO7k%26cry%3D1%26dbm_d%3DAKAmf-AwM9Y1fhZPkV2uPcBUxDoWUSz3AaLLcuvAcRXkugqLP-wX-LeJJsTMSaAkq2t-rmN0_5ejayVjI9qGY4T637YEUp2e47iq4YuUGesHKz1aTUjQEOoYL258WN8CTFWImSgWUVJgg0Ee8yXUa8sp6jsDkuEb9PUTaB4oWC_lEjmLHFugYh73iSsZt77EJLOsect3r2sgQOTB2f5JwwC-_51tZ5onfOc6fvd30dygQvyrncoa8RokDPwZbsdJwAThvpKf1kkLgoMbrJoRyv79yHM8hDBLx1JFFkzFqqDH9Ie1iLP1SWoI5Wwk62B7rUdB39KjQ8vpvrQtddDoM-_n20_KGuyMKBnZkTp0OqQV2hulxlIaxb8BxLfiC74cm4D74ECxpOXPYT6-pGsYCdQ6S-Ocka3MPcXWLdFv06JeodjYPK0WwZwVwkVysOMSHD7_Dm8Roh9RKvXAzix5oPEWJjLVyUK2wV8SI2p0ntjMM7G_wMosgsrviLALUSwpQv2VUQPI2FKRkwOakqXg9wduYfOAAlibovVNj3aplrkQ0wfUsghq8Pc%26adurl%3D&documentReferer=https%3A%2F%2Fbbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2Fbbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=3930769775539&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046730&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696458828493&bpp=682&bdt=428&idt=946&shv=r20231003&mjsv=m202309291101&ptt=5&saldr=sd&is_amp=1&correlator=583&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1386143446&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44803794%2C44804173&oid=2&pvsid=1972462585347372&tmod=14234105&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w86e1tkc4ww9&fsb=1&dtd=959
Protocol: HTTP/1.1
Server: 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 6af58cf04efd9fd32d97550d6fa284266b135980e44da2b945d1017beb9964c1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 04 Oct 2023 22:33:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 35649500001962104438268012468030
Connection: close
Content-Length: 331
Expires: Wed, 04 Oct 2023 23:33:51 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 04 Oct 2023 22:33:51 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=ykuzho0n7xq0&nw=20&renderingType=javascript&namespace=a1e2f78d1f&subid=&uid=ad0aa20d535ee8b7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYlbdTegdZZ2yHr-e78EPm4-emAORwdCbabvpg5LcD_AuEAEg08vOMGD1lc6B4ATIAQmpApogfz3PnrE-qAMByAObBKoE6gFP0C-PwH-Eyp8hGmN5-ZfOHK-zG8NpLXHzWRCzlYAQZcYj4H7rDcNRqV2sRdzJ8cwYY2B0E32dsqcG4JEV5QI88AircMNGi1L_Eyqgf1IcunPsUREDMacTq4htu2ustZBuyVecz4hMd0DKIH4R4K0nhX7-1XUOS7wVMl4Wrgyc2QKXPeo34uAB90ljG6NndNt13eHWGdzxU32CAzIkB-6D60_BknGC6X2pF3BRHwAY7Wo_l-YCsslij34Q-sQyVIh5V7K92V35K9sTMVq_AqDCL6hasAjj9K1fyIGisUKnNBSfms24emmMqNTABPrGi478A-AEA4gFwd6i-D2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI3Yyiz7ndgQMVP887Ah2bhwczEAEYASAAEgJAHfD_BwE%26num%3D1%26cid%3DCAQSKQDICaaNmHPrtjMbpsgF3AfUL68A0yviSfyaRjV1Jym4KM67POUav2BtGAE%26sig%3DAOD64_07a6ywXoqTQKrw8wMOqhUaSAFgPw%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Bx59cMV7nTr48fAxfzd6kj4JrGFzzUemZWCnjFejeArzDSnKeYGBf7krmbPaGiqv5JkXpJCz8dbb9xcdGfzA9bGCv1BpDGK1ZCy0QJnpYVv-e8lRXdykuRTcIkkWsqbhr82IvhA8lb8cHZq1Xdrs6Z1tsXTqC0vUnthPTdnBFGNOVRO7k%26cry%3D1%26dbm_d%3DAKAmf-AwM9Y1fhZPkV2uPcBUxDoWUSz3AaLLcuvAcRXkugqLP-wX-LeJJsTMSaAkq2t-rmN0_5ejayVjI9qGY4T637YEUp2e47iq4YuUGesHKz1aTUjQEOoYL258WN8CTFWImSgWUVJgg0Ee8yXUa8sp6jsDkuEb9PUTaB4oWC_lEjmLHFugYh73iSsZt77EJLOsect3r2sgQOTB2f5JwwC-_51tZ5onfOc6fvd30dygQvyrncoa8RokDPwZbsdJwAThvpKf1kkLgoMbrJoRyv79yHM8hDBLx1JFFkzFqqDH9Ie1iLP1SWoI5Wwk62B7rUdB39KjQ8vpvrQtddDoM-_n20_KGuyMKBnZkTp0OqQV2hulxlIaxb8BxLfiC74cm4D74ECxpOXPYT6-pGsYCdQ6S-Ocka3MPcXWLdFv06JeodjYPK0WwZwVwkVysOMSHD7_Dm8Roh9RKvXAzix5oPEWJjLVyUK2wV8SI2p0ntjMM7G_wMosgsrviLALUSwpQv2VUQPI2FKRkwOakqXg9wduYfOAAlibovVNj3aplrkQ0wfUsghq8Pc%26adurl%3D&documentReferer=https%3A%2F%2Fbbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2Fbbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=3930769775539&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Wed, 04 Oct 2023 23:33:51 +0200

GET
H3 200 GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D24 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:25:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14584
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 04:25:29 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8114 0
0 66ms
66ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CSyZtS-gdZfWrH6_n7_UPgeu_yAfukrWTXL-ihcfkBcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJ4AIAqAMByAMCqgT5AU_Q040rFZiRGOv5y2ddfDf0GWi8QVMagDiQt_9CNorj_arZJgyFvCDV3Wz01kkybfcMU3HRisBJqDjqyjqG7n7qG0QZP6lG6xaRh_DJ65pvolCs-RfOOTHxPhSosTZQ1Co7BUUcTH_yMH_OTju5OdXWuJtgzZzOskgxtZiVZIkEHTgMwzvkOPbi_NkMgOj4ggPaAC1tEGzThsyDMzA-C7BYBI9ZTNcu-LjOilD-qldcAYOeXAX0xDe0PsmPZlMNazUDJvF42CO7X5vdkRU-7YqLDUZJyaqAnlnsDq8l3U-E8WVV-OXopVTuqDoxdgNYFrQ-fxyLwXvcouAEAYAGhauIwdSartIOoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=0sG1gTd9vVs&uach_m=[UACH]&cid=CAQSGwDICaaNuxE3KDvPzRJS0-Dgn6SbFawJhcAP5xgB&cbvp=2&vis=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 sync Show response
eb2.3lift.com/ Frame C5F1 37 B
139 B 27ms
27ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=85077
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/f203c6df764ae3b8c5587fd75a06d8184d33ecb8/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Wed, 04 Oct 2023 22:33:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D24 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BzJnTTugdZdTrONy_9u8Pv6C6-AIAAAAAOAHgBAI&bg=!9fal9rnNAAYMG8UMLBs7ADQBe5WfOC2od6EEif9znhw3-4VkwVXInO2CQibtWaXTr_EFVHeGfZ6yzONYBtJJoBWP6Vj_AgAAAGZSAAAADGgBB5kDMuNaLb9FSfk1XneBAQ7HZc4gp-U559taYJkn8CCn9C08eyGbpPiomjyjUVl6c_icUPgRzq79l1f-vSMGfHM8r1OLuc6T5mMw2ffwwBjtIUv3X3Y9CKn97p2p1HNxN-mc7ZDIrN5vac8Q8fKFmecj3mD3F5LCmrqv_N6rkeNtXruARe87WqVf-mqkGa3zcWLwHqSLbpJrYBE9yTw97UpFmsERqteiKug_TAcVzQmJkCsrMF-b1MaNCuA3Yz6MthSACUvu3nUWxxafqvFS6KLLgtOtZHtfppya23hCNepEwip5bqXz-iJVKwLJ3aiVp5AoWY7gCHW74DAKUwvR4w2qy8b2JIhM7f2fkKP3jURgSLnHuxPJYvIYlvKxEew3bkGHKmVqHG-RMGOuUNavldwlJUGLy69luItEAjrj4Y3wmT2zrjiMJB3h88JkwAEL_42ywzZcxVBVGCM7yL_CqU51xH3chf8tW3VNgVz8MYg6annjNpecLroUC_RD9zfD1UV16S02WGVQli-AKaQwrj3nQO9lPneDBuhvb9QNCn-CLNEHQ98xfTYl7z8vWrcbogwLL3x0ZRVPsyydna8XoGqKfnouGq8mbHjKBi6eqBH8lrIPIYKFOQ_imLD3TjHo9rHV1Fk9NOngZcwtggZPloh8HMCHg3gFF56e22J4c7iWeamF5bxWO-OjAXhRd1OdFyriJEavfIBWQBlGgzROe8OLR8keMWMRrBzxrUeCNkYKQhWTOg4fLRxAI_QrwpR3bfWa0TQ3jxK3_txBb4BCSwxGDnF3a1-Ek0pwgNLrhQUSvmd2MQLr53BB4fcQtbfFI7xGkE_fEQHnmUICuaZfKLEaowZs2RodFJtEZWeXLh5hUkKPbTjSHthDv2xCW6myrwO2boE-ieymhUZr5z9R1n6uY0nJ55ik2O1qAcm3dSufiSqaOibKJoVWqU_gUOV4QkRkpvNguve9LZzmvCW4w-U7N8TMQiTCVde-9vRAveQvXuTEYx7KT_DOiEhoK8RApwcQDaKf7g8XWO1j9xdhizO5z92dV40YUDTGVp2X_nzFMpQvTdxjgOgXlaMPlcYwrnAXUPfn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jiamianqishigotchardmengmianchaorengechadekamen_rider_gotchardriyu-ribendongyingzhushihuishe.jpg
static-a.xgcartoon.com/coverw/ 613 KB
614 KB 36ms
36ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/jiamianqishigotchardmengmianchaorengechadekamen_rider_gotchardriyu-ribendongyingzhushihuishe.jpg?w=780&h=376&q=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4018b46b1e9b200e6f5afeb654ebcac6f59cbdab10d0a3c986109084f6a080f9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:51 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 08:23:53 GMT
server: cloudflare
age: 190335
etag: "DE121E96DDAE98AB955E04260DB1412A"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e3906c5c8ffb-FRA
content-length: 627795
expires: Thu, 05 Oct 2023 09:49:16 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900030.redintelligence.net/ Frame A8DA 4 KB
2 KB 87ms
32ms Document
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request_content.php?s=35649500001962104438268012468030&a=81e7fde4
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=ykuzho0n7xq0&nw=20&renderingType=javascript&namespace=a1e2f78d1f&subid=&uid=ad0aa20d535ee8b7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYlbdTegdZZ2yHr-e78EPm4-emAORwdCbabvpg5LcD_AuEAEg08vOMGD1lc6B4ATIAQmpApogfz3PnrE-qAMByAObBKoE6gFP0C-PwH-Eyp8hGmN5-ZfOHK-zG8NpLXHzWRCzlYAQZcYj4H7rDcNRqV2sRdzJ8cwYY2B0E32dsqcG4JEV5QI88AircMNGi1L_Eyqgf1IcunPsUREDMacTq4htu2ustZBuyVecz4hMd0DKIH4R4K0nhX7-1XUOS7wVMl4Wrgyc2QKXPeo34uAB90ljG6NndNt13eHWGdzxU32CAzIkB-6D60_BknGC6X2pF3BRHwAY7Wo_l-YCsslij34Q-sQyVIh5V7K92V35K9sTMVq_AqDCL6hasAjj9K1fyIGisUKnNBSfms24emmMqNTABPrGi478A-AEA4gFwd6i-D2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CQ0jIDQGwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI3Yyiz7ndgQMVP887Ah2bhwczEAEYASAAEgJAHfD_BwE%26num%3D1%26cid%3DCAQSKQDICaaNmHPrtjMbpsgF3AfUL68A0yviSfyaRjV1Jym4KM67POUav2BtGAE%26sig%3DAOD64_07a6ywXoqTQKrw8wMOqhUaSAFgPw%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Bx59cMV7nTr48fAxfzd6kj4JrGFzzUemZWCnjFejeArzDSnKeYGBf7krmbPaGiqv5JkXpJCz8dbb9xcdGfzA9bGCv1BpDGK1ZCy0QJnpYVv-e8lRXdykuRTcIkkWsqbhr82IvhA8lb8cHZq1Xdrs6Z1tsXTqC0vUnthPTdnBFGNOVRO7k%26cry%3D1%26dbm_d%3DAKAmf-AwM9Y1fhZPkV2uPcBUxDoWUSz3AaLLcuvAcRXkugqLP-wX-LeJJsTMSaAkq2t-rmN0_5ejayVjI9qGY4T637YEUp2e47iq4YuUGesHKz1aTUjQEOoYL258WN8CTFWImSgWUVJgg0Ee8yXUa8sp6jsDkuEb9PUTaB4oWC_lEjmLHFugYh73iSsZt77EJLOsect3r2sgQOTB2f5JwwC-_51tZ5onfOc6fvd30dygQvyrncoa8RokDPwZbsdJwAThvpKf1kkLgoMbrJoRyv79yHM8hDBLx1JFFkzFqqDH9Ie1iLP1SWoI5Wwk62B7rUdB39KjQ8vpvrQtddDoM-_n20_KGuyMKBnZkTp0OqQV2hulxlIaxb8BxLfiC74cm4D74ECxpOXPYT6-pGsYCdQ6S-Ocka3MPcXWLdFv06JeodjYPK0WwZwVwkVysOMSHD7_Dm8Roh9RKvXAzix5oPEWJjLVyUK2wV8SI2p0ntjMM7G_wMosgsrviLALUSwpQv2VUQPI2FKRkwOakqXg9wduYfOAAlibovVNj3aplrkQ0wfUsghq8Pc%26adurl%3D&documentReferer=https%3A%2F%2Fbbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2Fbbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=3930769775539&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 980c0996ed7861a8ad1219bd83f754d6b445bcc2a2b175c17a89318a6a7ca982

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1505
Content-Type: text/html; charset=utf-8
Date: Wed, 04 Oct 2023 22:33:51 GMT
Expires: Wed, 04 Oct 2023 23:33:51 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 07F9 1 KB
643 B 20ms
20ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 52706
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 07:55:25 GMT
etag: 48472445140208031
expires: Thu, 05 Oct 2023 07:55:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 07F9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF0dVIB0Vr3X2SPz0QTp0-o&google_push=AXcoOmTo2pvCHhKRgK2PvQ9PeswY34hAsPzwWN42UtZXm-MH4AoyF8v7zV...

170 B
188 B

33ms
32ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF0dVIB0Vr3X2SPz0QTp0-o&google_push=AXcoOmTo2pvCHhKRgK2PvQ9PeswY34hAsPzwWN42UtZXm-MH4AoyF8v7zV0Ld5bz05D-xiw-noDB6mwuu8LJ31v1m6lx_fgBxZk

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230100-FRA
pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1696458832.682626,VS0,VE100
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF0dVIB0Vr3X2SPz0QTp0-o&google_push=AXcoOmTo2pvCHhKRgK2PvQ9PeswY34hAsPzwWN42UtZXm-MH4AoyF8v7zV0Ld5bz05D-xiw-noDB6mwuu8LJ31v1m6lx_fgBxZk
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 07F9
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEOZC3kssE-jqLpfPURvN26o&google_cver=1&google_push=AXcoOmQ7QrLMzyy35KgJmnuQEQGH8lnXF1JcRg6otFWcd2iVJ4LM1JSI8k7I5hzhd8IlwgWXEzGUAl4taZxTFRBouzfiidB9PA
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NjhGOTUwN0FFRkI1NzQ1OQ==

170 B
188 B

35ms
35ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NjhGOTUwN0FFRkI1NzQ1OQ==

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NjhGOTUwN0FFRkI1NzQ1OQ==
date: Wed, 04 Oct 2023 22:33:51 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 07F9
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEPDkhQOXRRN9bd9CMF5-hNo&google_cver=1&google_push=AXcoOmSymfWQfrJZXBKLNptrdXBK2GGBmpQs_pisnRpTvMkCapXzWXWwDsp-gftANDxD1wfDS4-J8kTz7JmZtdbgsPbqIdI4tuM
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=836212460386&us_privacy=1---

170 B
188 B

33ms
33ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=836212460386&us_privacy=1---

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=836212460386&us_privacy=1---
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 07F9 43 B
363 B 178ms
42ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmReto--OzBpF9ra_33PNyK_pSpdV7fTDXwgjkTGUQJQU-10ZLiJHWZ8KuJ-8UChmbnT8TRW3WC3vnSLyKtmapNZ05rNXIM&google_gid=CAESEClMk-ecE8d5g_MSXIuiJro&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 205906
expires: Wed, 04 Oct 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 07F9
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELwFkGdkmEw3vEBjIbuMilw&google_cver=1&google_push=AXcoOmSoPGNMs31QoGOkwL78V1W_T7TYoOVyzRvV0GO2IW973Ztihk-R41Q6o3D2bNvxfpR8km9pkeLa...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELwFkGdkmEw3vEBjIbuMilw&google_cver=1&google_push=AXcoOmSoPGNMs31QoGOkwL78V1W_T7TYoOVyzRvV0GO2IW973Ztihk-R41Q6o3D2bNvxfpR8km9...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMzMjE3NjM4MjM2MjUzOTc1MQ&google_push=AXcoOmSoPGNMs31QoGOkwL78V1W_T7TYoOVyzRvV0GO2IW973Ztihk-R41Q6o3D2bNvxfpR8km9pke...

170 B
188 B

32ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMzMjE3NjM4MjM2MjUzOTc1MQ&google_push=AXcoOmSoPGNMs31QoGOkwL78V1W_T7TYoOVyzRvV0GO2IW973Ztihk-R41Q6o3D2bNvxfpR8km9pkeLayAOzUvIwylnISKHlncw

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMzMjE3NjM4MjM2MjUzOTc1MQ&google_push=AXcoOmSoPGNMs31QoGOkwL78V1W_T7TYoOVyzRvV0GO2IW973Ztihk-R41Q6o3D2bNvxfpR8km9pkeLayAOzUvIwylnISKHlncw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 07F9
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIQwc-AaNhhQS50lh43xeks&google_cver=1&google_push=AXcoOmTRhLuNGrIA28lwOghDdDYbIYHtn-qUlpjf2_cLXmkCoZ3T3OGYR_kkzTQ2q2lciQodmFuBua0O5WSB...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTRhLuNGrIA28lwOghDdDYbIYHtn-qUlpjf2_cLXmkCoZ3T3OGYR_kkzTQ2q2lciQodmFuBua0O5WSBLFnm0EGJbrgNIcw

170 B
188 B

53ms
52ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTRhLuNGrIA28lwOghDdDYbIYHtn-qUlpjf2_cLXmkCoZ3T3OGYR_kkzTQ2q2lciQodmFuBua0O5WSBLFnm0EGJbrgNIcw

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTRhLuNGrIA28lwOghDdDYbIYHtn-qUlpjf2_cLXmkCoZ3T3OGYR_kkzTQ2q2lciQodmFuBua0O5WSBLFnm0EGJbrgNIcw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 07F9
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEOvOruEKU-CoG1HocJJcc2c&google_cver=1&google_push=AXcoOmQHExE5c10dWHYrDnBuJ1A5E2IJDhtosy4TMUH0KQA8XTf1dmcmgNqUlGu1ONo0EHXlyA0kxJAMoWx-UQvXEOvyggS...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQHExE5c10dWHYrDnBuJ1A5E2IJDhtosy4TMUH0KQA8XTf1dmcmgNqUlGu1ONo0EHXlyA0kxJAMoWx-UQvXEOvyggSsXvgf&google_hm=Nzk3NDMzNDQ...

170 B
188 B

36ms
36ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQHExE5c10dWHYrDnBuJ1A5E2IJDhtosy4TMUH0KQA8XTf1dmcmgNqUlGu1ONo0EHXlyA0kxJAMoWx-UQvXEOvyggSsXvgf&google_hm=Nzk3NDMzNDQ2NzEwMzk5NzI5OA==

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQHExE5c10dWHYrDnBuJ1A5E2IJDhtosy4TMUH0KQA8XTf1dmcmgNqUlGu1ONo0EHXlyA0kxJAMoWx-UQvXEOvyggSsXvgf&google_hm=Nzk3NDMzNDQ2NzEwMzk5NzI5OA==
Date: Wed, 04 Oct 2023 22:33:51 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 07F9 0
12 B 29ms
28ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ib4OCpOGw9U1VGtq2BR-_b7naM0DdMkm-p4wESG9yM7C6P8B4Vu-TPuO3X93K_UJuQMKAGqA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E64 42 B
63 B 85ms
83ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BwSZgwQpCQumLP43pumMPRU5UxVyj8A8jRHQt8hyT0QytRnjnzrDpy1iGRwhe4XqFDzv_nM_p2GcGWri78LM8Mt3steIfDlgzF_mlXjayLEVWHnrE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696458830860&bpp=110&bdt=1173&idt=253&shv=r20231003&mjsv=m202310020101&ptt=5&saldr=sd&is_amp=1&correlator=583&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1386143446&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42532335%2C31078488%2C21065724&oid=2&pvsid=3560551974905802&tmod=1630890057&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.go2hh5yilrbg&fsb=1&dtd=269

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E64 0
20 B 87ms
85ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12886265378802513539&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8E64 89 KB
31 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:33:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 8E64 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 18:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 18:58:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 8E64 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31836
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:43:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8E64 0
0 28ms
27ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQp399u5y5s4dDwtZpT-HmSQJvT1CV5Sc-wBtv7WbkG-VFow1cXMHDCUsQRXK2nAbAFLALTdztJXYWxnZ5iVCnUcCLxtw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696458830860&bpp=110&bdt=1173&idt=253&shv=r20231003&mjsv=m202310020101&ptt=5&saldr=sd&is_amp=1&correlator=583&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1386143446&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42532335%2C31078488%2C21065724&oid=2&pvsid=3560551974905802&tmod=1630890057&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.go2hh5yilrbg&fsb=1&dtd=269
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E64 187 KB
59 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 22:33:51 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0173 611 B
263 B 37ms
36ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ1oLRAhjT_Mr0ATAB&v=APEucNXuHZMSEgjmP0MwG9LSgaSwjAzy7hBaCM5SMZMmEBHwmsM7kDIB9Xp0ehnMQk-EoKmWFerBzQvc1SQR5En8GaIlhLW-Uw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696458830860&bpp=110&bdt=1173&idt=253&shv=r20231003&mjsv=m202310020101&ptt=5&saldr=sd&is_amp=1&correlator=583&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1386143446&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42532335%2C31078488%2C21065724&oid=2&pvsid=3560551974905802&tmod=1630890057&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.go2hh5yilrbg&fsb=1&dtd=269
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK S-120x600.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame A8DA 33 KB
34 KB 188ms
47ms Image
image/gif 54.36.108.3
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-120x600.gif
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=35649500001962104438268012468030&a=81e7fde4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3112796.ip-54-36-108.eu
Software: nginx /
Resource Hash: e5b7f02b23fdfaa750168663e07aa8da6df9b31692b4e470097c1122b3fe2678

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 04 Oct 2023 22:33:51 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-8530"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 34096

GET
H/1.1 200
OK viewability Show response
hal900030.redintelligence.net/ Frame A8DA 0
150 B 115ms
36ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/viewability?s=35649500001962104438268012468030&a=7fb4aa52&vb=m
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=35649500001962104438268012468030&a=81e7fde4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900030.redintelligence.net/request_content.php?s=35649500001962104438268012468030&a=81e7fde4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 04 Oct 2023 22:33:51 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame A8DA 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2

200

bounce
ib.adnxs.com/ Frame 0173
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOSVpWATmxv9wcNyIZ7HGJc&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOSVpWATmxv9wcNyIZ7HGJc%26google_cver%3D1

43 B
892 B

25ms
24ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOSVpWATmxv9wcNyIZ7HGJc%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ1oLRAhjT_Mr0ATAB&v=APEucNXuHZMSEgjmP0MwG9LSgaSwjAzy7hBaCM5SMZMmEBHwmsM7kDIB9Xp0ehnMQk-EoKmWFerBzQvc1SQR5En8GaIlhLW-Uw

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
an-x-request-uuid: fac578ee-7a4e-480f-b6a3-aae3d758310e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 195.206.105.132; 195.206.105.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
an-x-request-uuid: f8ff8985-0e6a-4d8f-8397-de93ef1a5bba
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOSVpWATmxv9wcNyIZ7HGJc%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 195.206.105.132; 195.206.105.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0173
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQxODU5NDkyMjc5MDYzNDk3MA%3D%3D

170 B
188 B

33ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQxODU5NDkyMjc5MDYzNDk3MA%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
an-x-request-uuid: 25f08054-e435-4981-95e9-6b51d3a88903
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQxODU5NDkyMjc5MDYzNDk3MA%3D%3D
x-proxy-origin: 195.206.105.132; 195.206.105.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 0173
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENga1qu_HnIbse7ZRS1ZUx0&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENga1qu_HnIbse7ZRS1ZUx0&google_cver=1

43 B
61 B

29ms
29ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENga1qu_HnIbse7ZRS1ZUx0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ1oLRAhjT_Mr0ATAB&v=APEucNXuHZMSEgjmP0MwG9LSgaSwjAzy7hBaCM5SMZMmEBHwmsM7kDIB9Xp0ehnMQk-EoKmWFerBzQvc1SQR5En8GaIlhLW-Uw
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENga1qu_HnIbse7ZRS1ZUx0&google_cver=1
date: Wed, 04 Oct 2023 22:33:51 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0173
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDlhYWM3YjAtODEzZS0yNzk3LWViMzQtOTRjYjIzMjI0ZTcx

170 B
188 B

32ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDlhYWM3YjAtODEzZS0yNzk3LWViMzQtOTRjYjIzMjI0ZTcx

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 04 Oct 2023 22:33:51 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDlhYWM3YjAtODEzZS0yNzk3LWViMzQtOTRjYjIzMjI0ZTcx
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E64 0
20 B 69ms
57ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1428389570076&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E64 0
20 B 63ms
52ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1428389570076&version=m202309260101&ct=76&x=1&cor=12886265378802514000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8E64 91 KB
38 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApgUwhVi54amho5QFZtQ5UZLlzuFrt9qahJuxJ_1tRw4bv3nP0p4TOjjQgsAlgrm0o-o29Tf86-yrvfdGr_X4mDERKgmcgibI9WcbH5oLB02nlHHk&cry=1&dbm_d=AKAmf-CcoQXFiiTj4nwF-oTmKYGHqz-Nprldv7QkSq0YShrUBXpYBtP9BG7Qlxf3JPkpPmXPJBGa-8kXtOn0w-oi53vFrWS8J77QjoXk2UI3d07bVWFd-jZJJQfoEV20SRKoSldTLdOEjqiy3Ycz-drWO4HkPwzajLqd_vhyGdTd72-gPIp6LCaQWBnpezKEfazZ7YrS2Ab03gHN278VIDFy9kEfRG6CeXflUjD-oKMh8IJnNZ9C8ZV51m39uR2n8894BF9qheYUGuGac-S2rFnqbnMEItYWkm2oa6w_OrL7Pmp3AxoJ1m77jYLqIpH6Qkd3akzHOSjxe-leu1_4A7xqoXJ3Vv-gyfnSgdG8bwPZ_tOfUHeE9SFiMqqtDAbSOghoOa_eZUWY3KidxXihn_3gzmojTS1jmmGlNkgkMmMY2pIvqYLgXg4PKaQ3lvnxXWKRvkH_uxCoHMaG_D9g3m98prx_m3FdMCv-Ft9KGM5383mkyWsHQFYsDqJhOBpmDn3gZF4oIdvEa8aPbht4SYCv3rQTxQ2gmASKB__FMSGSCEKNTGMNgoTOLBl2dW85LuG09FzDbW2uxpjEf8Y8iZyoxw6ntw48WyrXgfP7SOXxJXEk8dVC8O_B9SCsMENUP_ZQsup8VjSDg2ORrHeBsD2W6wZXpm93R3mCdY9eW2R6WiuLSH_d9SjofmIyXVSHy9KsGsnMJY7iHlL3m-yBxLR4JOzb3KaADVfzlAcQJ3HRUj0ZDHiI-LrJEP-4rodiqOGUgsoHjl9SleonyGHc5PYq7Sih1osn-ExV9cU1MQCQ0hZPFAU9558CXaSfHKI7k3geaJ0we6OOncKb3Cd6yQcVUT_vaOKTCXZDDmovFC4WRtiSb0sybWRReHfrAuBRbDl-zS2seau60YK7liACVkIi3rVQIQbtAhSMN9QFG9-te_h-zApJLUPGptd1ejk4HZ9zAzRKacAeoJftMbLYhJT3zfg5Fa-pudZpRd9wD6X9zlBlmT3bajSHFa-Td6o9SfEnyeSHG93Ff-YH9nnoKUG_U1VONnAEMYbJUbtEyB4tIZduOoPlrFjr_6dptXAmAewnzEYNBRU1cYGizBuTxf7TnnBejMq5E1cD5EoOnBDB2TmSmh24pg4jgCXgQyD_7tcGqIu4XKNUcpmeUUEWravjKPdVeWRnOE-ouQkv94i0Wpj1EBrDRDK6Hjis5HhPD5puOBd5gZa4W1nC9fdLRJVNFA00z94f_ZzofrSxsUMArcQY3MJH-HrqFWsC9iWI0tqV_Vd_PHniSzneaGul_V5QrdOLyGlvkcN_VGdEmMRe2EDQWYSo6zdghfsER1umw6NedNgy-AMK5ks9YEk5_TvCjOY3YBI70-tVCYPeek7icZVnAFaR71O68cSrmZNiNmoCNcrzf0_MlD-4FTn2ak21LH56pTJuE6013rmwtftMDYwpGSBnaooHIVCap9giyA4P1-s21LjsDtCsjS17Ue3T-r9YOj7zuJ44Ekkzx2KnYBqwXxqLe5onHa8DuIcGr0IU3Cb9b94K55g_mwUnT8xlsrlgTmJFpMPv-l0itstijLiIazIunrkov47dr3NcYjKwUM6ShSFfkGjIVg6xoW6ozITU2JTCMeSSDx7WSobaYxu0qI-ajLHzvZkWnlWSBvlKujgTPoCPvLUGgSyEdQBBVVScs7QS5fu6NqabSra8y5ZZvjKF3-wAcf9FhcpbnL6ASUmCPnOwY15kwqH0t5eaR1wL6UxPEckIQ4GsBROvRrjY1OrCeAnsNy6RKYmljjBck69EZstWpqaElq2mg1qBnW2o-bYyBT2UtXRTaI0BjUVKVSPlK7JMaoeDyX5jYQqQTjvCue0AEqa-lIn0QBhP5H3CLVI_rUNaGY9go9ScOZ2q0u6idbf1aLT0XAP2H2QWpvM6xKCRRV-A63LXekEz_Hn4rwDgviRMKpmG8YOV0vdmhuSKOcOkqGZ2c3PK6UZ-yHAAazZ4a0Uoi3rzF_wd088hX8FmCGjKTaDE-5pirVxmbMPLxxGOyLVqGi5Bng1zDtuirIAcSFJ2u-KrcWXvnZBZ365YFSCNvO-saInYMZ3Hx65mp5rTfipG6ozMI9hu07f4XOnx_H1V3iln5NCzNNDMr2M1GNBpgnmKt_n7TCdOoFHbJ1unvz0k9-xOTSmGbxlGnJvC5xkhmhNJoSq49fcLetxgXaYu1v5X2asZ58krsK8yDdCeAj2AF9IvIyZQp2ne3fxsLAodKXXy1ZabihhW-9vd3bOr8UretWGDGft4Bfr9N602JBvgNu3vr2v4JZsOpy-mQFkK8t_doEaQzSwAcA9ZAS28qN8z_3jG1lFAooHjw6a5AecnxPXuWy2JTU5g_QdHF6QYS76UNSjlxEv_bipzSI3kxTxLKnNfy5rO8RDGRJb-MyoM2KzQPy677gF3of-0kwBeG_C772WvXxu6my51HDH1WZTemC7M6V2VwiGq3Z6XXGD2RA2ajkGacGqwBfYj8I4qS_WjoxTfKBIfpy042n-hPjR_69QvZALDGfRJmBEhefziNmgvcDbgDWI9jYIVRvsPHOrZbRnjrBxVyyKnphJgPXAWXjIzjqLxNOPjrZnBliXWW6AkfLgiAb8uhQVy4wJUsK6-iSzVAdOupCn3hOjKdRcFHM-ltKIA_cKWKVVlL_psqG_wLIcEg9yEfhv7IEuL4scx1spKRU0xB0jAB-YQTwXfZ2TNXUB8xli11ttYmD3pnQKPzsYULTKIHQQYmnvDCD8qlG3GZFu-UH4IIHPYawxclYzk0td_RFVGfxupjw0OiBy11e60JmJZz27xwJeLD4lW7NpU5wZsdg-lB2CJ2Ib9lHWuNc06w7sLR2fE7LmgR7pymUXmB0MQ75q4W3AnaJalNziQVU9L5zd3Eo0SHKLINiuDzJhdDea3rIMAmQYIWDAKfySVmyuCUbuSa-0bIODcTwhgAVN0yRUBQTNAd2KTl0q5taJA3I1nw0WldNShYCNhG30369UcZPkLw-nSvb-MG307I6ZH7cl9Ih2Be-IsNUMQ1ZhW8lLaTXpe_zfPTNHE452dn6P-8EC7_qAS0YnvhsdGvx-B63zGEaSS5w0tiojUVbPey0oPQqfuekUOGKHM-uCpejfbkglolp72kPO3rIzS6sqPlfy2fZSVRviyE4k51_ni8QFHSbSlBTFoBGWKsgZJ75eTVvbltgHJJCWJEdgCp5gi95MATefpzQXPd8WgOzpsog8xSVoWkCddG-T4VmaPfhqke24KOiTBVE7dAaostF4oy-UU2-z8CCIufRWnrhIkboRnq3M1DGBaQdBJwUe5Cq-odjtUhygsifLzYdfuD28B7bVfl9h-HkC0je2UnEZwcuwoPmDehrlrz8dlJ7Bey7v4fI02KYBoB98vmT4KvgK4xPtN4blwMgAJicALfGYK4O46vpeheYOfYt_EqOpMHzSunvNMMYfVzCERYjoZ1ZT-jnZMh3Li7uLpJ3p2aMbfvBJe0cQhxnOo6jgIFw0bbKaZly0zDapghAzOGLmSw-1y0B403g&cid=CAQSKQDICaaNak0xyRcV_J4DjOr5MSySKJxz4cIC0HqgAV_kAjbRaxffxEt4GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=12886265378802514000&adk=929882891&idt=111&cac=0&dtd=33

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5687f52f08a9f9f1153b46235ab30540dddf2c3302635aa9ef9a66017602b4c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696458830860&bpp=110&bdt=1173&idt=253&shv=r20231003&mjsv=m202310020101&ptt=5&saldr=sd&is_amp=1&correlator=583&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1386143446&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42532335%2C31078488%2C21065724&oid=2&pvsid=3560551974905802&tmod=1630890057&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.go2hh5yilrbg&fsb=1&dtd=269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38599
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5B3B 0
0 102ms
55ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDy3E_ndx3clBuOaKz4JdZf-E5o5BOb4UwRwMAlKxaJDJbz8t93693zRho5-o05R7FlObs-nr3ZGo19-nDLCpr0oUyitP4n6FFDfUDHgueQh8OJR0nf8HeFTUOvdOjrvqJnahCHu7b7hf6pt7mqACApAOiSvG3-i9JlHGbHbejBfNSTLkHFZOw1svkXENtFkesBgz6hJBusXXZHRl8-EF1iX3dAl0V-H8a-HIFgY6in0VeUy7JOeZhRmm0lRqUZgmCkbHydqCF0tnazZKSPhI3tJ4GjcCTT3ojmfWBd9VACKrkPcwdb4y8dPpMolrtJZDglVLJHdPV8SlJpyO8XhRAbgX7qGI3p4sDnCiZ0g&sai=AMfl-YSGvJst_iqCAsPM-jBMHYKheI5IOkOpkMPxZZxJW0Hzk5VmLMyWkk__Qs3vFfXJKSgayfcYr7bvUgfWrCM&sig=Cg0ArKJSzBleDOT7_e3QEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 04 Oct 2023 22:33:51 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5B3B 16 KB
12 KB 37ms
35ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231003&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3433b653441ee310710efa1cc36525282510c78fef28ede6b2504a06cb00fb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12149
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8E64 172 KB
61 KB 86ms
19ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 12:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Oct 2023 12:29:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/ Frame 8E64 11 KB
4 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApgUwhVi54amho5QFZtQ5UZLlzuFrt9qahJuxJ_1tRw4bv3nP0p4TOjjQgsAlgrm0o-o29Tf86-yrvfdGr_X4mDERKgmcgibI9WcbH5oLB02nlHHk&cry=1&dbm_d=AKAmf-CcoQXFiiTj4nwF-oTmKYGHqz-Nprldv7QkSq0YShrUBXpYBtP9BG7Qlxf3JPkpPmXPJBGa-8kXtOn0w-oi53vFrWS8J77QjoXk2UI3d07bVWFd-jZJJQfoEV20SRKoSldTLdOEjqiy3Ycz-drWO4HkPwzajLqd_vhyGdTd72-gPIp6LCaQWBnpezKEfazZ7YrS2Ab03gHN278VIDFy9kEfRG6CeXflUjD-oKMh8IJnNZ9C8ZV51m39uR2n8894BF9qheYUGuGac-S2rFnqbnMEItYWkm2oa6w_OrL7Pmp3AxoJ1m77jYLqIpH6Qkd3akzHOSjxe-leu1_4A7xqoXJ3Vv-gyfnSgdG8bwPZ_tOfUHeE9SFiMqqtDAbSOghoOa_eZUWY3KidxXihn_3gzmojTS1jmmGlNkgkMmMY2pIvqYLgXg4PKaQ3lvnxXWKRvkH_uxCoHMaG_D9g3m98prx_m3FdMCv-Ft9KGM5383mkyWsHQFYsDqJhOBpmDn3gZF4oIdvEa8aPbht4SYCv3rQTxQ2gmASKB__FMSGSCEKNTGMNgoTOLBl2dW85LuG09FzDbW2uxpjEf8Y8iZyoxw6ntw48WyrXgfP7SOXxJXEk8dVC8O_B9SCsMENUP_ZQsup8VjSDg2ORrHeBsD2W6wZXpm93R3mCdY9eW2R6WiuLSH_d9SjofmIyXVSHy9KsGsnMJY7iHlL3m-yBxLR4JOzb3KaADVfzlAcQJ3HRUj0ZDHiI-LrJEP-4rodiqOGUgsoHjl9SleonyGHc5PYq7Sih1osn-ExV9cU1MQCQ0hZPFAU9558CXaSfHKI7k3geaJ0we6OOncKb3Cd6yQcVUT_vaOKTCXZDDmovFC4WRtiSb0sybWRReHfrAuBRbDl-zS2seau60YK7liACVkIi3rVQIQbtAhSMN9QFG9-te_h-zApJLUPGptd1ejk4HZ9zAzRKacAeoJftMbLYhJT3zfg5Fa-pudZpRd9wD6X9zlBlmT3bajSHFa-Td6o9SfEnyeSHG93Ff-YH9nnoKUG_U1VONnAEMYbJUbtEyB4tIZduOoPlrFjr_6dptXAmAewnzEYNBRU1cYGizBuTxf7TnnBejMq5E1cD5EoOnBDB2TmSmh24pg4jgCXgQyD_7tcGqIu4XKNUcpmeUUEWravjKPdVeWRnOE-ouQkv94i0Wpj1EBrDRDK6Hjis5HhPD5puOBd5gZa4W1nC9fdLRJVNFA00z94f_ZzofrSxsUMArcQY3MJH-HrqFWsC9iWI0tqV_Vd_PHniSzneaGul_V5QrdOLyGlvkcN_VGdEmMRe2EDQWYSo6zdghfsER1umw6NedNgy-AMK5ks9YEk5_TvCjOY3YBI70-tVCYPeek7icZVnAFaR71O68cSrmZNiNmoCNcrzf0_MlD-4FTn2ak21LH56pTJuE6013rmwtftMDYwpGSBnaooHIVCap9giyA4P1-s21LjsDtCsjS17Ue3T-r9YOj7zuJ44Ekkzx2KnYBqwXxqLe5onHa8DuIcGr0IU3Cb9b94K55g_mwUnT8xlsrlgTmJFpMPv-l0itstijLiIazIunrkov47dr3NcYjKwUM6ShSFfkGjIVg6xoW6ozITU2JTCMeSSDx7WSobaYxu0qI-ajLHzvZkWnlWSBvlKujgTPoCPvLUGgSyEdQBBVVScs7QS5fu6NqabSra8y5ZZvjKF3-wAcf9FhcpbnL6ASUmCPnOwY15kwqH0t5eaR1wL6UxPEckIQ4GsBROvRrjY1OrCeAnsNy6RKYmljjBck69EZstWpqaElq2mg1qBnW2o-bYyBT2UtXRTaI0BjUVKVSPlK7JMaoeDyX5jYQqQTjvCue0AEqa-lIn0QBhP5H3CLVI_rUNaGY9go9ScOZ2q0u6idbf1aLT0XAP2H2QWpvM6xKCRRV-A63LXekEz_Hn4rwDgviRMKpmG8YOV0vdmhuSKOcOkqGZ2c3PK6UZ-yHAAazZ4a0Uoi3rzF_wd088hX8FmCGjKTaDE-5pirVxmbMPLxxGOyLVqGi5Bng1zDtuirIAcSFJ2u-KrcWXvnZBZ365YFSCNvO-saInYMZ3Hx65mp5rTfipG6ozMI9hu07f4XOnx_H1V3iln5NCzNNDMr2M1GNBpgnmKt_n7TCdOoFHbJ1unvz0k9-xOTSmGbxlGnJvC5xkhmhNJoSq49fcLetxgXaYu1v5X2asZ58krsK8yDdCeAj2AF9IvIyZQp2ne3fxsLAodKXXy1ZabihhW-9vd3bOr8UretWGDGft4Bfr9N602JBvgNu3vr2v4JZsOpy-mQFkK8t_doEaQzSwAcA9ZAS28qN8z_3jG1lFAooHjw6a5AecnxPXuWy2JTU5g_QdHF6QYS76UNSjlxEv_bipzSI3kxTxLKnNfy5rO8RDGRJb-MyoM2KzQPy677gF3of-0kwBeG_C772WvXxu6my51HDH1WZTemC7M6V2VwiGq3Z6XXGD2RA2ajkGacGqwBfYj8I4qS_WjoxTfKBIfpy042n-hPjR_69QvZALDGfRJmBEhefziNmgvcDbgDWI9jYIVRvsPHOrZbRnjrBxVyyKnphJgPXAWXjIzjqLxNOPjrZnBliXWW6AkfLgiAb8uhQVy4wJUsK6-iSzVAdOupCn3hOjKdRcFHM-ltKIA_cKWKVVlL_psqG_wLIcEg9yEfhv7IEuL4scx1spKRU0xB0jAB-YQTwXfZ2TNXUB8xli11ttYmD3pnQKPzsYULTKIHQQYmnvDCD8qlG3GZFu-UH4IIHPYawxclYzk0td_RFVGfxupjw0OiBy11e60JmJZz27xwJeLD4lW7NpU5wZsdg-lB2CJ2Ib9lHWuNc06w7sLR2fE7LmgR7pymUXmB0MQ75q4W3AnaJalNziQVU9L5zd3Eo0SHKLINiuDzJhdDea3rIMAmQYIWDAKfySVmyuCUbuSa-0bIODcTwhgAVN0yRUBQTNAd2KTl0q5taJA3I1nw0WldNShYCNhG30369UcZPkLw-nSvb-MG307I6ZH7cl9Ih2Be-IsNUMQ1ZhW8lLaTXpe_zfPTNHE452dn6P-8EC7_qAS0YnvhsdGvx-B63zGEaSS5w0tiojUVbPey0oPQqfuekUOGKHM-uCpejfbkglolp72kPO3rIzS6sqPlfy2fZSVRviyE4k51_ni8QFHSbSlBTFoBGWKsgZJ75eTVvbltgHJJCWJEdgCp5gi95MATefpzQXPd8WgOzpsog8xSVoWkCddG-T4VmaPfhqke24KOiTBVE7dAaostF4oy-UU2-z8CCIufRWnrhIkboRnq3M1DGBaQdBJwUe5Cq-odjtUhygsifLzYdfuD28B7bVfl9h-HkC0je2UnEZwcuwoPmDehrlrz8dlJ7Bey7v4fI02KYBoB98vmT4KvgK4xPtN4blwMgAJicALfGYK4O46vpeheYOfYt_EqOpMHzSunvNMMYfVzCERYjoZ1ZT-jnZMh3Li7uLpJ3p2aMbfvBJe0cQhxnOo6jgIFw0bbKaZly0zDapghAzOGLmSw-1y0B403g&cid=CAQSKQDICaaNak0xyRcV_J4DjOr5MSySKJxz4cIC0HqgAV_kAjbRaxffxEt4GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=12886265378802514000&adk=929882891&idt=111&cac=0&dtd=33

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:45:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:45:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231003/r20110914/ Frame 8E64 30 KB
11 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231003/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:23:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 22:23:22 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8E64 41 KB
13 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 488127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 06:58:24 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5B3B 17 KB
6 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 22:33:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame ADCE 1 KB
643 B 19ms
19ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 52706
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 07:55:25 GMT
etag: 48472445140208031
expires: Thu, 05 Oct 2023 07:55:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 778B 22 KB
8 KB 19ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 237649
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 04:33:02 GMT
expires: Tue, 01 Oct 2024 04:33:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ADCE
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJnUQJqbwbs1qpt1AXjxGj8&google_cver=1&google_push=AXcoOmTOHmHGMWEkUuCxRjPEByHNhjyTV2YlhsXEQhApnf2o-x1HHFh5vOiEdeyvS7wAX1CAXvllyynnZl3EoIs_ImpNkxsv4t3q
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0849F6E82AC7407A98D7BA082E9E2729&google_push=AXcoOmTOHmHGMWEkUuCxRjPEByHNhjyTV2YlhsXEQhApnf2o-x1HHFh5vOiEdeyvS7wAX1CAXvllyynnZl3EoIs...

170 B
188 B

31ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0849F6E82AC7407A98D7BA082E9E2729&google_push=AXcoOmTOHmHGMWEkUuCxRjPEByHNhjyTV2YlhsXEQhApnf2o-x1HHFh5vOiEdeyvS7wAX1CAXvllyynnZl3EoIs_ImpNkxsv4t3q

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 04 Oct 2023 22:33:51 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0849F6E82AC7407A98D7BA082E9E2729&google_push=AXcoOmTOHmHGMWEkUuCxRjPEByHNhjyTV2YlhsXEQhApnf2o-x1HHFh5vOiEdeyvS7wAX1CAXvllyynnZl3EoIs_ImpNkxsv4t3q
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 03 Oct 2023 22:33:51 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame ADCE 0
173 B 76ms
27ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKvsJpyCpZA5K2goIwwUKFo&google_cver=1&google_push=AXcoOmTclekkSWVn9bcvhCSTt2kkznT-ioZF5x_R6xQ5WN-2I-UTGSj_01OS6_4QsISP4F_oM69yjXqhO2QpPQAxat7RzzJJ-jE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696458830860&bpp=110&bdt=1173&idt=253&shv=r20231003&mjsv=m202310020101&ptt=5&saldr=sd&is_amp=1&correlator=583&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1386143446&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42532335%2C31078488%2C21065724&oid=2&pvsid=3560551974905802&tmod=1630890057&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.go2hh5yilrbg&fsb=1&dtd=269
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ADCE
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFnVQN6k86BYOvnaeZKU8Ds&google_cver=1&google_push=AXcoOmRN1Ah_CCD0_U39Vls59B9_2of1CUIJpH2Zz23nxTHDDvCkPZWOmrhr_ZSS-8bTiVhA_nPixNlMqnbv4LkWkc-gGEg...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRN1Ah_CCD0_U39Vls59B9_2of1CUIJpH2Zz23nxTHDDvCkPZWOmrhr_ZSS-8bTiVhA_nPixNlMqnbv4LkWkc-gGEgq6GHa&google_hm=eS1yQ3ZfQWdKRTJwRTFrST...

170 B
188 B

34ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRN1Ah_CCD0_U39Vls59B9_2of1CUIJpH2Zz23nxTHDDvCkPZWOmrhr_ZSS-8bTiVhA_nPixNlMqnbv4LkWkc-gGEgq6GHa&google_hm=eS1yQ3ZfQWdKRTJwRTFrSTQwUGZaWC5nQmZCWDZuc0xNQn5B

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 04 Oct 2023 22:33:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRN1Ah_CCD0_U39Vls59B9_2of1CUIJpH2Zz23nxTHDDvCkPZWOmrhr_ZSS-8bTiVhA_nPixNlMqnbv4LkWkc-gGEgq6GHa&google_hm=eS1yQ3ZfQWdKRTJwRTFrSTQwUGZaWC5nQmZCWDZuc0xNQn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ADCE
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHJeHFyokNbYdOnsNz6150Q&google_cver=1&google_push=AXcoOmS_lxAUAqtOXai5dWKrsHheBrv6pbby_UUxZ90MuFqN7YEuGybe6LqlnFEFz3_cWwbyCbd...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5DQlNDQlotMVQtSE5MMQ==&google_push=AXcoOmS_lxAUAqtOXai5dWKrsHheBrv6pbby_UUxZ90MuFqN7YEuGybe6LqlnFEFz3_cWwbyCbdHArTk_aZrwxzZGauZa62qDWXe

170 B
188 B

31ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5DQlNDQlotMVQtSE5MMQ==&google_push=AXcoOmS_lxAUAqtOXai5dWKrsHheBrv6pbby_UUxZ90MuFqN7YEuGybe6LqlnFEFz3_cWwbyCbdHArTk_aZrwxzZGauZa62qDWXe

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5DQlNDQlotMVQtSE5MMQ==&google_push=AXcoOmS_lxAUAqtOXai5dWKrsHheBrv6pbby_UUxZ90MuFqN7YEuGybe6LqlnFEFz3_cWwbyCbdHArTk_aZrwxzZGauZa62qDWXe
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ADCE
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQvBV7ijOufdYsTsaKiQ1HJ7oW7RRq5-hKSHgeW9xMjuySA8uvuKQcCcunDxr0Bz_V0nnbVeZw5dI1FBngarU8UJu-VdB82&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-f1ee9452-3b34-417b-b572-ae1fa9f172b8-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQvBV7ijOufdYsTsaKiQ...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQvBV7ijOufdYsTsaKiQ1HJ7oW7RRq5-hKSHgeW9xMjuySA8uvuKQcCcunDxr0Bz_V0nnbVeZw5dI1FBngarU8UJu-VdB82&google_hm=A_HulFI7NEF7tXKuH6nxcrg

170 B
188 B

34ms
33ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQvBV7ijOufdYsTsaKiQ1HJ7oW7RRq5-hKSHgeW9xMjuySA8uvuKQcCcunDxr0Bz_V0nnbVeZw5dI1FBngarU8UJu-VdB82&google_hm=A_HulFI7NEF7tXKuH6nxcrg

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQvBV7ijOufdYsTsaKiQ1HJ7oW7RRq5-hKSHgeW9xMjuySA8uvuKQcCcunDxr0Bz_V0nnbVeZw5dI1FBngarU8UJu-VdB82&google_hm=A_HulFI7NEF7tXKuH6nxcrg
date: Wed, 04 Oct 2023 22:33:52 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXf1ee94523b34417bb572ae1fa9f172b8003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ADCE
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDE6HGwuKcskgZSUvInpxPk&google_cver=1&google_push=AXcoOmQjbS9dzwTKF-JIxvNLroso0lGqMaEXlcJk4btCveiz8q7hk9tQ5ib3Fxsyo0F1KyAMAH_AJrEbCAcNyDbSOlSiIC9UzsA
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQjbS9dzwTKF-JIxvNLroso0lGqMaEXlcJk4btCveiz8q7hk9tQ5ib3Fxsyo0F1KyAMAH_AJrEbCAcNyDbSOlSiIC9UzsA...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUyOTM5NDk1MDk5OTA0MjU3OTQwMw%3D%3D&google_push=AXcoOmQjbS9dzwTKF-JIxvNLroso0lGqMaEXlcJk4btCveiz8q7hk9tQ...

170 B
188 B

31ms
30ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUyOTM5NDk1MDk5OTA0MjU3OTQwMw%3D%3D&google_push=AXcoOmQjbS9dzwTKF-JIxvNLroso0lGqMaEXlcJk4btCveiz8q7hk9tQ5ib3Fxsyo0F1KyAMAH_AJrEbCAcNyDbSOlSiIC9UzsA

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUyOTM5NDk1MDk5OTA0MjU3OTQwMw%3D%3D&google_push=AXcoOmQjbS9dzwTKF-JIxvNLroso0lGqMaEXlcJk4btCveiz8q7hk9tQ5ib3Fxsyo0F1KyAMAH_AJrEbCAcNyDbSOlSiIC9UzsA
date: Wed, 04 Oct 2023 22:33:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

0.gif
id5-sync.com/i/495/ Frame ADCE
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEMOdyNlEeAsv9Yy5bsofDbc&google_cver=1&google_push=AXcoOmRwB83fSnXi6xHcJsUXn-sKc78MACYL59qoMTxe7Ub7nWOUDRJBWBSqPPhLH3du8mnLP2Ps7FSrXK-P7mwCxGOE_dKo3r318Q
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRwB83fSnXi6xHcJsUXn-sKc78MACYL59qoMTxe7Ub7...

43 B
921 B

88ms
24ms

Image
image/gif

162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRwB83fSnXi6xHcJsUXn-sKc78MACYL59qoMTxe7Ub7nWOUDRJBWBSqPPhLH3du8mnLP2Ps7FSrXK-P7mwCxGOE_dKo3r318Q

Requested by

Protocol

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 04 Oct 2023 22:33:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

date: Wed, 04 Oct 2023 22:33:52 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmRwB83fSnXi6xHcJsUXn-sKc78MACYL59qoMTxe7Ub7nWOUDRJBWBSqPPhLH3du8mnLP2Ps7FSrXK-P7mwCxGOE_dKo3r318Q
x-download-options: noopen
vary: Accept
content-length: 273
x-xss-protection: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame ADCE 0
12 B 31ms
30ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J30edBCMtY5WIz-2oOIrpGmYTz88zZsoz9sxgBLO6mhzgn47fQ_deL2hvf991wkqFcdQDiTw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8822 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 8952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 20:04:39 GMT
expires: Thu, 03 Oct 2024 20:04:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1CCE 829 B
561 B 36ms
36ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cb8c03490b8678af5012ec332fde4de41551ee867b15b8ccf03cb96685ea8efa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m-MAY-NXIWEmQpP952soNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-m-MAY-NXIWEmQpP952soNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:51 GMT
expires: Wed, 04 Oct 2023 22:33:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js Show response
pagead2.googlesyndication.com/bg/ Frame 778B 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 04:25:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14584
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 04:25:29 GMT

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 8822 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 20:04:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Oct 2024 20:04:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1CCE 0
0 55ms
54ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231003&jk=1972462585347372&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7224228829127448257/ Frame 4A86 724 B
451 B 262ms
27ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7224228829127448257/index.html?e=69&leftOffset=0&topOffset=0&c=Hb8KsGDC0W&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

191508e656696b753890ee1e00b9003b65ada37cb380d027f6ff624a5e58c119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 423
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:52 GMT
expires: Thu, 03 Oct 2024 22:33:52 GMT
last-modified: Tue, 01 Aug 2023 13:35:38 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8E64 0
0 301ms
68ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvH52KGgcRrxF0Ud-bdXHWRmD-jdTw-LikJKCc2FPN2fi2j94htzihFyPmkugeU1YLVK9TSvKMaRFNbyhRWi8z9xDuzWYBfVoJXIEEDkUIj-mLESIQIly-UK34UdEFstsam5_bKfVszSIXui8aRdehg8o28NaY1KnSSrncwaePcz_j6clOaxnaTUrPgkR6DGJT-8cMPAZCTAD9e36Khu2WAL-3VxdzOf4LAUzdrUuS2YTGYvfqmURCH66sXVp8VyhDTMJDmqKZkKPF-OFpMZ2VwYpXVKN6USXlopk8H6EOMXhYQRaHcTOg3EsUZ8n81z6God_OkBOikRLRZCzOK7GjwsWjtOr21y85ZaxJrAJvlN88TGdU3T84_Wx2OWQ0S8TJAekb3SeT41Aqg4O1jpupli4twuk5Lwr6NKTgWE6sXQvWBMPQqJ3q8l6EylDeZaefbd2V9LrPq-6K6eNErzWu45X0F7yQlO7k9PP3iCBFckqvdxoqVqtSGG6jmWDYIAtHpGSUBFFTZXfJXWoXZZLerL7qEicUwiLLNWKUC2LQCptLyQvC7aR9EUBdBmQjBUFyjK4EbuwRUPn8wvDWgcTu45qa6N7KmngiFxWaIhhpPK2eQoDArRmxQGLJ6g6j7ICSx4_M0JTopo_uicTkyGYcD88_5fVJ09V-5Xnov-suFWUehcyoGpa5D0cmSgr5VJPVPB2pMIbZNGjAh4YuoR5fZ-COarp609pYyMDTTJ1FRAR_0UbH7JcEJmFIPvnFSadpEJT-6DAjZ72hgibc-IBZ-xQV5G37nCxXpcSuICXA3l5EG0XCs_5QEIPyok2_w5QaoeH8OPcNHoUcuVXcdZb_Cnku7ahB8xgbagIc3g5s00VAsyyNHDToC-OVchLg6HgM-NerNbdyVozmhx8OIVEDXIxhs_YYMK_8F-UH8kHHqxn2TMWTaQAz6GrqGowHaA3CW-cRAUWDeYFHIrvT8dJhiHZEdJnqMjC5xh422CqJOwqQSuqsp6OZmB102QySPc1JpshFdTFFBgCFLc75BmKukqct1lKKDz3nboeVKSbkjRt69jTm4yMOeyqXu_qdnRUgbHbZRkpBzb7kV3ykDfSZKz7ne0DIRFadfVBO5T4MJse1qcxkpncxM02bxUOQ9DmbZ9M13Zu6CYM2Q265xuwv-WNmemBOAAfNJEmzqKGqqpjjwqGKdudnP9UOwAzLijzXutqbFbQswKOeOMO29EuorZe-rHLoIBKVOxYmU5GZm8NSngEly4JvY4yQuNBJv3FIzLw2Afz8jDTN3mXoygrUc8uE2EEaivMgo9vwxgZ66M1dybWMy1fmm8ZoJYww9Z08&sai=AMfl-YSFykzQPmLZtclAzkO6L1X5nE1Qu0n2MLFvjKwIR7w5tOFcW52EAvV3CN1pwhb9raroH9fXMOfN6AQPfgSwyRXAe_2aC-dFuy723_uCdTPmH7nubUGFQvsk10KXZ_DCkshu-m0OTBZ2njlTP7hSMp6dXNevBW1gffp_-wuKD6m9XKt9_aA3yEB3BkWWwQgRda9rt-g0iBDN&sig=Cg0ArKJSzHzNmAxY39YoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=142&cbvp=1&cstd=132&cisv=r20231003.10186&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 04 Oct 2023 22:33:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 8E64 60 B
60 B 287ms
31ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=os-mindshare&extProvApi=os_ch&extLi=26908321&extCr=154242867&extPm=374726403&gdpr_consent=&gdpr=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 04 Oct 2023 22:33:51 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mi, 04 Okt 2023 10:33:52 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1871
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8822 0
11 B 23ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?aoWepQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 778B 0
21 B 58ms
58ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCvWFT-gdZf-ALpSigQeqgbWgBgAAAAA4AeAEAg&bg=!BQalBknNAAYMG8UMLBs7ADQBe5WfOO1L9lCNROKecR_ARnb_NGjXoEKIyMh_0MWx1ZRYMlQ2SZZnJXvVEIwxCp8VAzV-AgAAAIpSAAAABWgBB5kDMmP1QRxpC4gHp2tjIC4zqjjVldD6yqvml7sdpAbVG1ZvD-jhKK9Hk4-eqmuh8LQigafPm_KQSKo0r-XZzK6LaQNYNbzedSSJaJe5IUXMOPLNYjLza0apETAAGuniRunANWyOGAFfN4bK2jTqttNYp3zIEJTh3TRgDwWPJ7OriBnpkhsKtE6Mg1RdPUj0mWiOr-VoTumf_9UB2RbCpVLumK1KGBNDDSHr3Bwr5FtPo4z7a0z96VP_-q9UGR64Q2j8J73kygl4dxDPfkJufNIzIzzmG-sctuO5Nwaqy2OxepHy6xuHmGXpzgpAuslBGaaS5P_Oi8ax-5bmXs_xvwYsunip453sAHkVEZbH7xJpQQ_PdNI98_fEPiMSaQo6XDad571UE58cvHOGi0sFFZF3Yy9iI0Hjc9Brj8eKoqpD3XOkKf0trEoCUGu-MGvroaM_l7gUBuqxoTyDI7IpE0W2l0u1z9fSncIGwk7nYRuyyWwq-jroWBdafIQRYz7yTjZSTvqb_zz7csA9HfHM8V_iuC_wX6M-t2-jdoleBC0itXpHHzM1BzAqmFBN4cF7lZT9XA9MAeH9OhMlnXddym9QNMS2RndbJs-s22OmJnM39Z7MChsDB5qB3GM1NPiV5-b4dfao0YZlu7er_XcxfAi8Zxc2NZmx77krYNs643LoFMKQEe2t_lGCzfJdhlgHbcHND8F_DqmD0XWtZnQY4rvclu1apNAReI6_iRJAOITk8JB8pKZxhQrQ2I-W363sjULIwKKRmdQZ2afcqpYT_rjmv74LEepUpz7SXSXFIBi_43dHXNt-1g1f5YNJhvu0Yz6W4VPffJ9sBPwOOH1pWwqu40SHr1ZtEZuNWlCaHNU0_sJJPrvzh9oAuuegguUMUXmkb5dx5NB13TOz9X1lFRUY9JbFmF14dSnkBETH2M_Yfiad4QqaryvFCNjsmTnte5wlV9pdahv9rWgA_uAwU6I1L1p21NrHzZwK_CIY7uK9If7ZLd7G7DtlsnHT4OxnbdCp4Bpa-C4JlCEflIrbnajFEe9ZxCrr8yQ5MohOZD9XFFcbZZzjHGgEJoPGrX4X_sCpv579

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 4A86 120 KB
41 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7224228829127448257/index.html?e=69&leftOffset=0&topOffset=0&c=Hb8KsGDC0W&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7224228829127448257/index.html?e=69&leftOffset=0&topOffset=0&c=Hb8KsGDC0W&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 08:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50929
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Oct 2023 08:25:03 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4A86 63 KB
25 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7224228829127448257/index.html?e=69&leftOffset=0&topOffset=0&c=Hb8KsGDC0W&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7224228829127448257/index.html?e=69&leftOffset=0&topOffset=0&c=Hb8KsGDC0W&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 22:33:52 GMT

GET
H3 200 de_CH.js Show response
s0.2mdn.net/creatives/assets/4401560/ Frame 4A86 107 KB
39 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4401560/de_CH.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7224228829127448257/index.html?e=69&leftOffset=0&topOffset=0&c=Hb8KsGDC0W&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb749752a23c013624343163618c79882fd7f061ad5b93160527ff47c3a06d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7224228829127448257/index.html?e=69&leftOffset=0&topOffset=0&c=Hb8KsGDC0W&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:24:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39551
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 10:24:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 22:39:50 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4A86 7 KB
6 KB 32ms
31ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

894066365d51ab4e9027bc130182a116c92290f15e6400b44d36deae4ceb274e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5720
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8E64 0
0 60ms
59ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvH52KGgcRrxF0Ud-bdXHWRmD-jdTw-LikJKCc2FPN2fi2j94htzihFyPmkugeU1YLVK9TSvKMaRFNbyhRWi8z9xDuzWYBfVoJXIEEDkUIj-mLESIQIly-UK34UdEFstsam5_bKfVszSIXui8aRdehg8o28NaY1KnSSrncwaePcz_j6clOaxnaTUrPgkR6DGJT-8cMPAZCTAD9e36Khu2WAL-3VxdzOf4LAUzdrUuS2YTGYvfqmURCH66sXVp8VyhDTMJDmqKZkKPF-OFpMZ2VwYpXVKN6USXlopk8H6EOMXhYQRaHcTOg3EsUZ8n81z6God_OkBOikRLRZCzOK7GjwsWjtOr21y85ZaxJrAJvlN88TGdU3T84_Wx2OWQ0S8TJAekb3SeT41Aqg4O1jpupli4twuk5Lwr6NKTgWE6sXQvWBMPQqJ3q8l6EylDeZaefbd2V9LrPq-6K6eNErzWu45X0F7yQlO7k9PP3iCBFckqvdxoqVqtSGG6jmWDYIAtHpGSUBFFTZXfJXWoXZZLerL7qEicUwiLLNWKUC2LQCptLyQvC7aR9EUBdBmQjBUFyjK4EbuwRUPn8wvDWgcTu45qa6N7KmngiFxWaIhhpPK2eQoDArRmxQGLJ6g6j7ICSx4_M0JTopo_uicTkyGYcD88_5fVJ09V-5Xnov-suFWUehcyoGpa5D0cmSgr5VJPVPB2pMIbZNGjAh4YuoR5fZ-COarp609pYyMDTTJ1FRAR_0UbH7JcEJmFIPvnFSadpEJT-6DAjZ72hgibc-IBZ-xQV5G37nCxXpcSuICXA3l5EG0XCs_5QEIPyok2_w5QaoeH8OPcNHoUcuVXcdZb_Cnku7ahB8xgbagIc3g5s00VAsyyNHDToC-OVchLg6HgM-NerNbdyVozmhx8OIVEDXIxhs_YYMK_8F-UH8kHHqxn2TMWTaQAz6GrqGowHaA3CW-cRAUWDeYFHIrvT8dJhiHZEdJnqMjC5xh422CqJOwqQSuqsp6OZmB102QySPc1JpshFdTFFBgCFLc75BmKukqct1lKKDz3nboeVKSbkjRt69jTm4yMOeyqXu_qdnRUgbHbZRkpBzb7kV3ykDfSZKz7ne0DIRFadfVBO5T4MJse1qcxkpncxM02bxUOQ9DmbZ9M13Zu6CYM2Q265xuwv-WNmemBOAAfNJEmzqKGqqpjjwqGKdudnP9UOwAzLijzXutqbFbQswKOeOMO29EuorZe-rHLoIBKVOxYmU5GZm8NSngEly4JvY4yQuNBJv3FIzLw2Afz8jDTN3mXoygrUc8uE2EEaivMgo9vwxgZ66M1dybWMy1fmm8ZoJYww9Z08&sai=AMfl-YSFykzQPmLZtclAzkO6L1X5nE1Qu0n2MLFvjKwIR7w5tOFcW52EAvV3CN1pwhb9raroH9fXMOfN6AQPfgSwyRXAe_2aC-dFuy723_uCdTPmH7nubUGFQvsk10KXZ_DCkshu-m0OTBZ2njlTP7hSMp6dXNevBW1gffp_-wuKD6m9XKt9_aA3yEB3BkWWwQgRda9rt-g0iBDN&sig=Cg0ArKJSzHzNmAxY39YoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=505&vt=11&dtpt=363&dett=3&cstd=132&cisv=r20231003.10186&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EF48 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvp-RGgAjoq7gRZ27cheTlIPmnwkd8AaqtPgbO65YKshmKyAKn9jyHpMnsubPkj3czrbtWjZXfIdeSSBT8aQJOTVOW3WwHvR9lrVjEaxhjgJOxzNFAe17u4pFf34AoFnMT8uZ_YD7hASrFXnR-NShlkVtvBujp3YymGcjP1-SdKFIgd4Fy5PsADKFO5uf0KNHKOWCXrgQ0BMl0yI3M8SihXUkDiuCED6Ix0KPuE0ZOFQK4zLa5AHbQL5w-lGMrUWQWqMyLSsMs-ojtPOSmxomF0fQKXDsfnxF-GvtOLd2_uu6UaytG3_K38fByRoflYkIygL2VmZkE0EzpyHDWrdlNOnBbOUlCmxwKY54PqgQ&sai=AMfl-YQUTXnwgTaDUfdmVQWGoLb2Trr3mlVSFvsHesQYwqVfxeVFzYgRFhSKf8Z7xay0ZYpqH_X1vL-A3c2RbWc&sig=Cg0ArKJSzO_No0fCjYWxEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 04 Oct 2023 22:33:52 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EF48 16 KB
12 KB 46ms
45ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231003&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f1929b070ebfb71832b384d9d7b4505f1bdb5a7cca3b1a82c154cba3f247a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12185
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4A86 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 22:33:52 GMT

GET
H3 200 ch_performance-leaderboard.js Show response
s0.2mdn.net/creatives/assets/4629137/ Frame 4A86 215 KB
116 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4629137/ch_performance-leaderboard.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4401560/de_CH.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

621bdb834d155a92b41c1e3f5e42cc1d24d52b08edd732dedcbf2c2ccb1c6c85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7224228829127448257/index.html?e=69&leftOffset=0&topOffset=0&c=Hb8KsGDC0W&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118663
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 13:53:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 22:47:33 GMT

GET
H3 200 Network_A320neo_728x90.jpg Show response
s0.2mdn.net/creatives/assets/4630247/ Frame 4A86 11 KB
11 KB 20ms
20ms XHR
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4630247/Network_A320neo_728x90.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4401560/de_CH.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cd3a26cf673e60afff14a4507d8b56c13b7b652286b647bd00ca6b23c19d702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7224228829127448257/index.html?e=69&leftOffset=0&topOffset=0&c=Hb8KsGDC0W&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:48 GMT
x-content-type-options: nosniff
age: 4
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11084
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 13:55:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 22:48:48 GMT

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C0C 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 20:04:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Oct 2024 20:04:40 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EF48 17 KB
6 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js?bust=31078488

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 22:33:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AB7C 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 8953
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 20:04:39 GMT
expires: Thu, 03 Oct 2024 20:04:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6C90 829 B
560 B 29ms
29ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9e1dcd6cb9104c33a777287369bca74ebdb4f88a8639f93db8be4b146a63019d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3t6mVnN0ghSMzxRRnk8d7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3t6mVnN0ghSMzxRRnk8d7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:33:52 GMT
expires: Wed, 04 Oct 2023 22:33:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame AB7C 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 20:04:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Oct 2024 20:04:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6C90 0
0 56ms
56ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231003&jk=3560551974905802&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AB7C 0
11 B 19ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XMCDoA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5B3B 0
0 56ms
56ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231003&jk=1972462585347372&bg=!mpmlmdbNAAbjlzx0w5c7ADQBe5WfOLg77OJFFH27ybHC4EBeenEV0_EqXUuXr7b9p2qh2t6KEL-Z16Qxj-3oTqIobrrQAgAAAIFSAAAABmgBBwoAiq03idzgrQjVu-9vqjwtLlYvDyOCAVxrFAPwqmFUNmPjKb1BgEA2CwPXmrSMkZxpfmp9_ExxUhQf39V5oN6ZkVdedxugHBJ7QRH2ABR9jwFFE07BQtiSaJjUfEuN8oE1-H1r0q0NYAAfLjmDd7UW1pXxYAVHLR_d-g6KthVdvNwtYgK6BJaPjDa7dZkC_cUdvuc9FOrHYvB6Ro0f2bq0gsFioghpz7_q6YgGv0AASV-3x4y1ZA4mgOHB0UlL6woTnR_t0URcx55R-9Yd1ibWCyzTRIN5sGkKkgWn3Vp2009Iihkp-qG6hdFHKs4hw-KyM_gn0CLZj0MVuoLarordbRRdFgNEO5i7S6vT2hlIZSX7ctDgQm7q0Ts-F1djqx-erVU_gJCzxk4tyXHMWamPRFGQ1EDI9dZxI6OPAEJ9xHS0JlIl8d2K8W5nbmzaoety9U6vxx3rNJCtm7hYKUeS3poQzpkpdTBHHqLowzWV7dtjc3t-QNxeMTC8tlGxkcbkG7VM38BgA5_VrdG40VeobgkE3FjR2Pj00t1fOL_oE42r_jM_6ape1jy1F7HglOJlBSeKkIFh5P4PA4geZOk_RBLBieisiWGRk_8DzvNLDwbTqircClGEsNfk_phI95UCjky2DpyyZWKck_JxHfTArrMGVptImw67bxWK1BtvxZN_qcagu3ReSjXz6h7DbQzowxraUWnVN95NpL91X0SXOM2022pS7-conkIZZ_7pVzt-barE-PjoZwqatgbdAuIVOQjOm4eF38EDK8VwUjb9z6I7lUfv5o0b-xK_gZPRtFD4_rEAU5ULJcYeT3CoTFiz4lYso_frQXIpl0bfNGbqAy_jNOE7vWhSN7y4xGZhDxrOgjZKP5y3ws7nbxnwkeoOcLfSeBz83Cb71H5KX2Pt283QGLPyXdBVmWGHpLckd4WikbKt6cHwk0BqEaeLwNe2zCJXt6SUmBVQyL7yI3B9iGjcp99IkKxWLRLsBcEMVq6oD3et3lW5mkd50qKNGsck8npJjE6c4ytlkap5tav3KFHZrZkKdrqbFfBhDZud7Wy4qZ6VUdriVHef-ug0Jbs1PPd3M7jmGFYjbu7wEpNflBqV0VBCclk7czxxOvLUrCF9_yLZPP954tiiS3Xb29uOcf_vbMc6omd7rpbd_TvLjCVwmX4NAenNwx4C7aD-owe7NEXs6Hdjj-Dc1w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CDC9 0
21 B 56ms
55ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8434084478424&version=m202309260101&ct=77&x=1&cor=13411831854284378000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EF48 0
0 57ms
57ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231003&jk=3560551974905802&bg=!FBelF1jNAAbjlzx0w5c7ADQBe5WfODo-DIKuwcaRhIvKsY-21Yr_M7QdM92BPRe6A5paS732DByAtDExeaKFrk36mU_lAgAAAExSAAAACmgBBwoAf3muCwMRHUxerI2rz2HVBAxKUSiYsWR67y0CTGjqoRHMXKNFt1SukwJtjGSpHbORC2-MecvOlvCnQKwOEnCnvw096qcBhs3mIZlZihhFDfboBSltq7M_H7yFAFisX4dk3oEz-uzDkMzpOekSjZNanNic6eUzV5oZo8Ywq0lZf8yZAvxnGW8xIBaKfWsGUJq7ARz2gJ-FmFx5Lg4oj6LDmFrl245cnmc1g5av1aclYqir2kndC2hgwb5pi_9UVidgQX5OUtqKuQXaIN4b6_YuV8kI6f2hQDoAK_yV5IxdnZXnNq3zNOfqwXJRA4gzmWPco2GkKXCkNOKT-dV_TV-9ccI0HzZtesXleN4FhPpK8fxgBimIryhjVM_Yc2m853XF3C7BrtNwqxY7KUijd9oMJKRnCe6CL1uSuqWfzqJBTCtI_hsVcO7hNWRCeztuhQqdv9Bii8wgoD-mAhoWmojAtrRuNtXyc52AI6WVL7jk5bMeE-JwCrOglTnGxhe6-PYcPaoSI6bfDip9BX1ZpuaecC5n9eP6ZmZ9AMfluBfzmayIraDfKhqgKTya83SUuKJ63Kt7QGlF_pxC2s1YVOGlww0z9_tdhcn72MW4EIvUXh3qJN8OSlbjE8-Qxh11jkF6yIjbQuTkpj0y0d-9safV4Ac5QTMKawQTvvy6yIexHb7P5EWAm1y-YsQUTZdlpgrUYLgHfa6dMfC_jUGjUxm2IDTUyxmsAVqSDBm_U5j5kyx3jeC0bJhIfgLy2wKuYQCp9sa4c_Ur4wnOnHfHw76L6CBmDdswEL22b_Ax8J6Bo6wP9DqFFSbZsJtxd3hyLLF9qm5W_WJ-SEIacl-bVYJotvjywptgWKP41BvpFFAqNJHmwMyNN3_iqdIzLNvN93-x53dyXnEb4qd33sOHTWIYdD0w5nyu0vy4sOJK14eqyulfb9Gs2DtZkZuRHrTkUhlPbw_3GxeVlu-6520u8xBiUVQ-AFkT9xmDvhN4x4Achno9CiBvf95_7GfbIIdna6Pf6byHxy3TIJ8WH2-LgJfI3GwfzU7Xkt2pqv10LSSFc-cOznajDlVzdnUMTxNHJDpzlJ-gobn0xuNfQeSAL1aiAQ3EwBMufX3E_9NWe5hV9J5WdwnFHx0hi_1ulUYz8BwG9crrfNZxEinD8tL1WiKS0renHoBbmf0i_pMnVbrhEw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E64 0
22 B 50ms
49ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1428389570076&version=m202309260101&ct=76&x=1&cor=12886265378802514000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 22:33:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 baoshikuangzhanshiweiyouwotupolesuoweidengjidegainianbaoshidebasakariyu-yiseyilin.jpg
static-a.xgcartoon.com/coverw/ 635 KB
636 KB 36ms
36ms Image
image/png 2606:4700:10::6816:2e93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/baoshikuangzhanshiweiyouwotupolesuoweidengjidegainianbaoshidebasakariyu-yiseyilin.jpg?w=780&h=376&q=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fcf41173038938402bcd52d8fd4b1b0482977b401940d071addb9b4da9481dc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 22:33:56 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 09:32:09 GMT
server: cloudflare
age: 172939
etag: "6302320606EC839DF80F523B64FAB821"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8110e3b2acb08ffb-FRA
content-length: 650542
expires: Thu, 05 Oct 2023 09:49:20 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.statcounter.com/	1970-01-21 00:50:18	Name: is_unique Value: sc12916097.1696458825.0
.statcounter.com/	1970-01-21 00:50:18	Name: is_visitor_unique Value: 1696458825158732018
.xgcartoon.com/	1970-01-20 23:59:54	Name: _ga Value: amp-QXwjzIp2fqTm8byj9cV5_Q
.doubleclick.net/	1970-01-21 00:50:18	Name: IDE Value: AHWqTUnyOP__LPErevvlW246yJHJzTzXWk0FLxfR-2Oh8f--djKT-ZDZjx0vanxKP00
.bing.com/	1970-01-21 00:35:54	Name: MUID Value: 21A943005A076B81058550A05B706A57
.casalemedia.com/	1970-01-20 17:23:54	Name: CMPS Value: 3344
.casalemedia.com/	1970-01-20 23:59:54	Name: CMID Value: ZR3oT3W9S1Q8jXmMr0yzyAAA
.casalemedia.com/	1970-01-20 17:23:54	Name: CMPRO Value: 3344
.redintelligence.net/	1970-01-20 17:23:54	Name: 8lcfmzhxc8d6_uid Value: 3816579787fd8e87
.acuityplatform.com/	1970-01-20 23:59:54	Name: auid Value: 836212460386
.acuityplatform.com/	1970-01-20 23:59:54	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRT8aNzqKmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUU/Gjc6io90aGlyZFBhcnR5VXNlcklkWkNBRVNFUERraFFPWFJSTjliZDlDTUY1LWhOb/v7hnZlcnNpb27C+w=="
.rfihub.com/	1970-01-21 00:35:54	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129S_zLyp19Q7Vdc53N_TIT_bySk42Sg7iNTSzNDMxtbAwNjQ3MX3FiMoHAMUCROQ9AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNrc0NzE2NjExMzc0MLa0NDeytBDiM9SNyHZPyYj0sDQPzMoEAGJm9HMlAAAA
.rfihub.com/	1970-01-21 00:35:54	Name: rud Value: H4sIAAAAAAAA_-MSNrc0NzE2NjExMzc0MLa0NDeytBDiM9SNyHZPyYj0sDQPzMoEAGJm9HMlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129S_zLyp19Q7Vdc53N_TIT_bySk42SgYAO3UI8x4AAAA
.adform.net/	1970-01-20 15:58:57	Name: C Value: 1
.openx.net/	1970-01-20 23:59:54	Name: i Value: b6692b23-e1ce-46c4-a402-069a8de7b3ec\|1696458831
.everesttech.net/	1970-01-20 23:59:54	Name: everest_g_v2 Value: g_surferid~ZR3oTwASMHisRAA4
.adnxs.com/	1970-01-20 17:23:54	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$UnZWRv!]tbPl1M>e)ZlrFUfJ+tGXxomI-/I=Ds>O.V>Y_PCdvH#aZMiz_KC<HmhM%V3If)y3KL9D3I?+Rrm^c!
.adnxs.com/	1970-01-20 17:23:54	Name: uuid2 Value: 1807961539897250052
.adform.net/	1970-01-20 16:40:42	Name: uid Value: 6332176382362539751
.3lift.com/	1970-01-20 17:23:54	Name: tluid Value: 1529394950999042579403
fksnk.com/	1970-01-20 15:24:23	Name: AWSALBCORS Value: v5DT2QXQ7+Rpe513XghbwMXffy1lIjJEDv3Ot6Cfz6cQdhnww8hb2suf9ptE8w7cIQKv7WHYcDM5CkElneWoMERwd5t2S+pdrZ3FCnTg2wcUORNgJXAw4pxvzq7r
.fksnk.com/	1970-01-20 17:23:54	Name: f_001 Value: 68F9507AEFB57459
.fksnk.com/	1970-01-20 15:15:45	Name: g_001 Value: 1
.blismedia.com/	1970-01-20 23:59:58	Name: b Value: 651DE84F4F8720EB7F439C01BLIS
.simpli.fi/	1970-01-21 00:01:21	Name: suid Value: 0849F6E82AC7407A98D7BA082E9E2729
.1rx.io/	1970-01-20 23:59:54	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f1ee9452-3b34-417b-b572-ae1fa9f172b8-003%22%7D
.targeting.unrulymedia.com/	1970-01-20 23:59:54	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f1ee9452-3b34-417b-b572-ae1fa9f172b8-003%22%7D
.yahoo.com/	1970-01-21 00:00:16	Name: A3 Value: d=AQABBFDoHWUCECiNRDlZ99QzinJRsKOZunIFEgEBAQE5H2UnZQAAAAAA_eMAAA&S=AQAAAkMd8ZcJFeNol9JKmyZkK6k
m.exactag.com/	1970-01-20 17:23:54	Name: exactag_new_gk Value: c5b9eb0cbc2441618e83543e9fde2cd3%7C03.12.2023%2022%3A33%3A51
m.exactag.com/	1970-01-20 19:33:30	Name: exactag_new_uk Value: 3581f6e5d8d144cb9f063cd722d6add4%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 230ce3cbab324bc6b5961d27

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	warning	URL: https://www.xgcartoon.com/ Message: The resource https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.xgcartoon.com/ Message: The resource https://bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
ads.eu.criteo.com
bbd557c808d8cafafccc9582f7ddc013.safeframe.googlesyndication.com
c.statcounter.com
c1.adform.net
cat.fr3.eu.criteo.com
cdn.ampproject.org
cdn.contentspread.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900030.redintelligence.net
ib.3lift.com
ib.adnxs.com
id5-sync.com
imageproxy.eu.criteo.net
img.3lift.com
m.exactag.com
mb.moatads.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.moatads.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
s0.2mdn.net
securepubads.g.doubleclick.net
static-a.xgcartoon.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.inmobi.com
sync.targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
ums.acuityplatform.com
us-u.openx.net
www.bing.com
www.google.com
www.googletagservices.com
www.xgcartoon.com
z.moatads.com
104.18.27.193
104.20.219.77
13.32.99.15
130.162.160.243
136.243.149.243
142.250.184.194
142.250.185.98
151.101.194.49
154.59.122.79
162.19.138.118
169.150.222.217
178.250.1.9
178.250.7.9
18.213.189.173
18.66.122.67
193.0.160.131
20.127.253.7
2001:4860:4802:34::36
23.32.185.123
2606:4700:10::6816:2e93
2606:4700::6811:190e
2a00:1450:4001:806::2006
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a02:2638:3::10
2a02:2638:3::9
2a02:2638:d::11
2a02:2638:d::2
2a02:2638:d::4
2a02:2638:d::c
2a02:26f0:3500:1b::1724:a392
2a05:d018:d29:3605:cdf9:6ebb:c08d:dd
34.91.62.186
34.96.105.8
35.244.159.8
37.157.2.228
37.252.172.123
46.228.174.117
51.89.9.252
52.59.78.152
54.36.108.3
69.173.144.139
76.223.111.18
85.14.248.72
94.130.102.164
01ce24b8f5bb27695d00f835848b6087e25a69a39bfbbf1fc02268763731b24a
032d6defe17c485a528f13e4ec06a8e331f1dc3a14025cef32111347573658cb
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
04178382da1ab77a8b9a60e7533737f56f192c58731cb377e7bcecdee18bb12c
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
077dc23ba8bb3c830538b2358ee93970e5906464e983e6be6d69aa6b13421bfe
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9ffac16148c8938c6d9f2df28a17207f62a7f92d3401a48a58c0b22f17b0b4
0dc8d4c8057500621917b3d88c33f534d917b03234c4716c04ca483e3dfdd69c
0fe4af134347bf9383f0946d8417a70e5bd69298876a68c4b578ab6bdeacad81
10e358711eab7bbdacde3e4d3eb925d04438f07358f0dad5d22a8818fc9771c7
11dcf6ceae5953e3d8d5f53fe1142a1ccda98aa32656e429f3571249447b2672
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13e6a7a86b66aec6cc0cf1441a042fa7beaedbab5dc996b0341301518a1f55af
149ac445b3031b272ccd41191a553efbda3a21087db9c6834e014ef24dacbf4e
14c55deaf7ebe64eb047f2deeff0f12615193ff170e0693bebd2b51991751bf0
1550cde0e7d219960e9cb08513b187557f36f8492494b8aa84722533baa675c4
191508e656696b753890ee1e00b9003b65ada37cb380d027f6ff624a5e58c119
1917b964380fc9d01d1e73a79c4d7cd4c0e9ae2a34ae63ddbcd65cea655e9a06
19dad64fd4d14734b115b97cca899daea6b5b52414f04953cfd97fae49a568c8
1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762
1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4
1bb749752a23c013624343163618c79882fd7f061ad5b93160527ff47c3a06d6
1ce64723f400800084733cca3c44b432a1e33fe5df837915a477dab99dea9152
1e287f4e2fc69b929018a8e9cba1ab6dc875ac786d1387534a1e9fe151fc5f61
1fa1f27152e0d87361b0db046cae89137d3f1be8c804a2b77885e2c2ca1c8425
2661dcb6bfa9b71c39c54788bde5ea88003db9f7384c04e66d6f7926fdba8894
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2c182a11ce7f6063ee9102726c50d29f11e24144d86cd22ea592a6c8022aba1d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fcf41173038938402bcd52d8fd4b1b0482977b401940d071addb9b4da9481dc
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
326db4ba0a99427d55bb9b9c42decc77d1d07a925a3c0bede1ad8e1f511c82f3
3433b653441ee310710efa1cc36525282510c78fef28ede6b2504a06cb00fb09
3523fe0bfc26b6aea6ba24d933045d533972c56d98371a9ad2f952afa3af4465
3c670b49aaf4d01332c431f14cb5ad2fb5dd12346575629231b89ebfc5b57437
3c9a65d43fd753c36bc9b8eb9628e430b9278c8461eff6284cfc364e239703bc
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3db6509d499f8f093d21b083048c28c78b2e380324342efb7e280b6665954943
3e470390154e5bd03688cdda3929ea08912e3c0df3381747417b2b2695c11e6f
3ee6032818561a0ea9db98d97fc57817ed26745d9bda5cfec0705eb0451ee04d
3f70f33bbd200351e29167c7ca9a3421082c7748f7966c3c933eee941d949efd
4018b46b1e9b200e6f5afeb654ebcac6f59cbdab10d0a3c986109084f6a080f9
4090bbd44bead5ee98e93e4f1e2c35fa336e4d89b4d72432d77a4b6f8fea1270
4101bd33cfcc02108ba359ee9188137f3b1c1b5d78eb1020a8d130ce72f74bf8
41060dd159c926287487f50a2d8e583c8c72e6121d1f5ffdc626dc6cf6bf4efa
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
446479336e22eff9895c8a5045f2dd44e972fb9601eff32ca327b91eeeb81048
4486b96fbad5ef39657cadc38db6d1604e4a41b9cca9c66eec99d678135e4e9f
44d7c8f16c9fbfc3738b2ffeea5fe2bd6fdbb9bb0d76b0f067702efb9c4f86c5
454baabe1c1683becdb1a4fc158149e7d73cc92cf0eacd0297ed2cf62e235bc9
454c4e99fa9dab2faf30bf84f27ad4e3b5ccddaa17b6a9913e5eed70da3a45dc
45aff63862b7a85a48741e816ce3b9fdc7e2ea725e1f5989ceb47f502381a4d2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46fac2c4f85a6f77b7b855a38edd6da4af8721ba0b7bab73d0bc60347fdbd3e8
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
49813518faa287e39e03222e572e5f7a2b387c58000228b62a8fc455d19ed7bf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d7e3dba795cc58a5bedbef6783f9e5151f51447f01b9e85e54bd16fb762cc15
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
505587c1162ef2d4af495312c860628d42fdd2b3f5536834468b6c7ed186f070
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
5183f18d98de7f5d6749de7245e8e1fff348de2816700ad9f0d35642da8578b9
521f6fc33d7ede7524e5263c613a5db8df62c4a73a16a8147fdb385a88ec5350
52394b6f1fa52b7dd0d02befc99f8a03866e422445b1abbbc39b7d0f2e8fb665
5344f4c3aa4417b63569ffd61baa6c87ccbafea94672486f2f8ed6ca094830d8
53de6a5a7416da5f3507cc8d6e560a1a834de21b32626f296f4c2a1c8f2714d3
54eda68a8d6e9cf6039971639882c4b78f652fd47545a11a66bffc39df959e40
54f173a5ee26a4413615375fbef00ca9ca3ae10d283acf313135ecec9b881b36
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
5687f52f08a9f9f1153b46235ab30540dddf2c3302635aa9ef9a66017602b4c0
5aacd2e9c7ec1a3b33bdbce9a72f0fa9a3ac84151bb3c94ad3ceaab8467001a0
5af2b3c44d498d4ca737d2fbc0acdc882fc81ec81afc4c1b7d8548f9b52f64a2
5c01b4b21ae795ea053f0828237a68a5426fae41ad301604846d89d69393e3de
5c280389c8ca6a98a28b84c9be43fc8adff11a10246b3e0879aa106cfbdaf6ef
5c7c5c90a9ea184b7ae122746634b34b95b904cdf18701bcefe47281bdf3fb2a
5cccf51f08aa12186ba54c5215103eebefa04e8a8af0919fd4104c814475fb3d
5ed841005c6fd7c9bd183a289bb9e7bc9c7a85e90d370bfb9eb42f440b7ede73
5f1929b070ebfb71832b384d9d7b4505f1bdb5a7cca3b1a82c154cba3f247a4c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
621bdb834d155a92b41c1e3f5e42cc1d24d52b08edd732dedcbf2c2ccb1c6c85
6254a92d9d7102ec40d8797116e4c6c3823ce55867797d2c3988399a28dec826
6390b657c03ba32ed35b2deeddddf631b8ffd44495b067656a14584df8808b76
665e6612bce3d11ac04fa07d0ac8955f40a77c7ec32dd20781e5b2d4318fd5e3
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
69a0ed7e9e81a11d3dad0f6bb51a81db76065432eea18a0f3287055edab8ada6
6af58cf04efd9fd32d97550d6fa284266b135980e44da2b945d1017beb9964c1
6b6609e74783004520b0b7ed85220e0f8b9aa91d8e600a4417a846d9e5953694
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
71c87286b7656c279d8c6276b6602373709af8c8d4405cf94dc74e71ac9fd3b4
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
743a258e9e16442b04027255b0214ed873724425db7eec597313cd5db9ae7525
753107f53fa7b6669aea9980a59cbbe59f0d21ded66bd2dabe9ddbc24ddcb2b6
7843c03ee12b71bc5025e16d6e95938d16669417cdebc3b3a0cefdb41c13afc4
7a5e8e47f8c822a6b6949d92a6ae8666a793ba1f1a208f19b9cc696d560852cc
7abe4ef543f967bd6fbc94fc40b81fd8a19428d105ba4d20d6f31783e81f74b7
7c6afb6efd5a58476d4a1afebf786fe0382f59666613b334192926c268136c66
7dbe7cc7b44665d8eed2a0887a127572526738f11b68471e18a403ef52ad79ef
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7ea7fca64b1f5e4f08b3a996a528b5cb1d3305956dec7502ee9c4f59f1c8762e
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
847677e364f632a14b284e72e3b92d136e77486f4efccb0e81aa6d62432994cf
85807e46cda1cc83ef9c5e92edaacb7ccd4fe3cf1ad8ff1975709a435853cc08
87415b6852b696564d32f56a6b4c8a456f3276f46eda1ef429b36726bd1951f5
8756d3367261f5dfcbef03be86fb4b956f889917fbdd3b72c300d8e1dcdc5f47
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
894066365d51ab4e9027bc130182a116c92290f15e6400b44d36deae4ceb274e
89f365a523630bea5ea3533ec5c06b7db2297d14ccf662fe90aeba69d9ac3158
8cd3a26cf673e60afff14a4507d8b56c13b7b652286b647bd00ca6b23c19d702
8df097eb502b12dd12e333baa8591c98e2b9d27818950a592b26a358b4da388f
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f27ddca50b8d71ac186b4d8199b41614b72d7e651932d00797bffb2410b1916
94b0aa179f9950baa8375f953ee4a03b1606d0945ff3159dafa2c8bdcbb2d59f
9648a5fd0b7367a3dab0099dd9dd142c0a03ab7da9c50ec91ef3bd3084358474
980c0996ed7861a8ad1219bd83f754d6b445bcc2a2b175c17a89318a6a7ca982
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cf8320abe90f0b566bbb7997c1d5269403a16be82145d4935efd96c369878f7
9d485457bcfd0dbd54d98759be159d53077d163df9978a1de8608092a06c244a
9e1dcd6cb9104c33a777287369bca74ebdb4f88a8639f93db8be4b146a63019d
9ef4d8e305ba6d28a0b9efb307e16112274ace9cbc43c0a760913eb9a0881c30
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a07f94f78fcb975d14e5fdeaa4ec9b9ab61db39f1c9a4e1f25e5192dbed4ac66
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a343a1840f00a5db5891891069d57a2af26f4c1b80be9098252cadcca0b4e6bb
a3a79b61cd82d6d989bae6f653b9619eb7e81b87883eedd972b6dc39969f9374
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a6d47053e614d36ffeb9da1e22fe88c9d0764dca7dd005271b246e4203825d94
a6e6fc89b7efb9030b89e1881cebd3143aeb073102aeda079d8ac3b08e8dc22d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a97d3325c01891167615327fef9cd173ac264f69bf526c15af006ad27f99eaf5
a994981c7ac070cf9e0ad1e43faf4f386b72a4f4547d8cb334603cc0dd641e38
aa0696014ac23d674aec0b644c215635727fc3ff4b972cf9052c7bbd0b774a92
ad8677457876f632db38d31886a4f65dfeb50037c421ed20a9918fe60293585c
b03eb793ad3884af30b2cb190ceaaac8c06e276ef3ba8428cabc28cd0f14838e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2dff3c8538006a5ab7304fbdd0eef49b25077b7ba5faabcae58da42f42b1f8b
b301bb6e4378f763dc4b49cf25046d285584174a095da1e4f7eb5ff884f52be5
b3be69c4d77cd568b0c2d360918d62e86b33abfe1b08a2bb2c6993235a67d264
b497840fdc78d638af40eccc2c9fd9006670503964b7b8d7d84c5f8062ef25d4
b655eefff892b9c7eea8641af1a9d3a9bcccf16e7cf15e81d7b7e849e1346db4
b7a1f2d2b3af5842dc4b63539230c2fdfef285afd76c1304d327daa0b51cd575
ba98e735ce0f8021ed850e1cfd1e5f20049e17ac90b3bea352b04324d045c233
bab3e4376fdaf469aa2df0fbc4f5456d5587c8c715b7d94fd0a51d0548b55c8f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdad8690fa9c5fdf0852c93a26b3c47d302c9c5c5412466d5fa90edf98e92898
beb41f5f31d4b2911ad91b5b7b05131f006837a6c2bba64dc0659266107431f3
bf12194866dcd393d0eac7276df7817a87ac22375547ae418215c47bed1b8fdc
c0d30d11d664d44fbca26d9a71ee13049727c99476afa2d36a352a960dda48c9
c3419b9265a2e9428d879b0da8472d6643a0d7099237da048aca9520fbdfc6be
c59cff9a64bddf2deaea3effeb952babb3a012d05e7b1d3ecde5212f7c17b9a7
c5ffc93c78bd3ea8edb8ff1d41eb2d493a6308c459326cc04364ddf752e6ab79
c68d446f318242cb483c1404fb248a100ef152a579492b23752b4427954a096a
cb8c03490b8678af5012ec332fde4de41551ee867b15b8ccf03cb96685ea8efa
cbb41d948989c5c65e69966c145618e2db14c247ba6b92a6bb7bc62eb29ad634
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf91cd36a4d0a68c85ade427483a2385210b4f1b1f63e7247cb96e666b3b421b
d42553a5c5c21454807af7cec2bc459c0dcb08728f1175db01d196b2bdfc8bf0
d4de6c8a24d8959593744ade6de22ed29b5404dcdd0243d43e52209b56383f66
dabf274c8558e8b6fd22a47afcc8799086303d28793970e9f955707175e7c3f5
dd56207cb22c90bde52904d062583f1dbcd06b2dcff0e03011b3a5376f758f28
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5256bea79dd64abe02ec0b6031a5cf9e93ace05957297b59ffb42e21782297f
e5b7f02b23fdfaa750168663e07aa8da6df9b31692b4e470097c1122b3fe2678
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed68f0e80b7fdede2ae7235b2ae1ce179d07fa64513658d7ac9f65a5f12d623c
eedfa690ca9d2a60c870b97652a3ed26f0a4919c57eceb0bbc7154d142d771ff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd50e10300ed11ceff2becf18a1db26004403015d89471153b6a9a2c71b46e1
eff3882abc295c20136dfc1e274929f93a39646f120f29131163116f4204e5c1
f007df9b812e12d98cd233884871fcce8b0dd20e2c69b6cba83df8959dbcc2cb
f4620eb8558321711185c5cf37ba11012a3d67617ab55060ce2ab0c7ebb1a5dc
f568e8f06d15eb4ea381047197f11c9aac65a0841c5602381376eb25ab240c78
f59a24724025aaa808fdcb5db803d2127feba310c2acf9acb0e5365b9a2b8809
f5a095f89c9fbc0b71e2d7b34e48ce0ec373fcb6d45998d30d2ceacccff2a299
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6100eb698d6b70e95b7911d0f90dbb67443b9e1d67ceb01d555312cff03d2d1
f6e1cc877a10a8eb6972d29ff997fcba4280ce42b896f3909cd932ba02fd5bfb
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
f8d0c146f05d0e89709a24a6a45bc2bb399bfffe4f11294a3673c72388cc582d
f9f6ae79b8b5df7ca05d527f205201fcb1c9743de3b8e095b5be736ce02c2d13
fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328
fa3ecba51fcbe3806a57d12638c9e2760902fef8faa7bfc5b4e0214ed36848b7
fb5c66168972643e16bc530f4673f99dbf79ee7591a68346a59d1e72eb2ff36d
fe364619ca5af89c1517dc71bb790c4b2fc8ad68e40828b73d35c01a057f2820

www.xgcartoon.com Open in urlscan Pro 169.150.222.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

369 Requests

94 %HTTPS

40 %IPv6

37 Domains

55 Subdomains

42 IPs

9 Countries

7542 kBTransfer

13215 kBSize

33 Cookies

1 Outgoing links

Redirected requests

369 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Screenshot
Live screenshot

Full Image

369
Requests

94 %
HTTPS

40 %
IPv6

37
Domains

55
Subdomains

42
IPs

9
Countries

7542 kB
Transfer

13215 kB
Size

33
Cookies

369 HTTP transactions
6 data transactions