www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaoda...
Submission: On October 03 via manual (October 3rd 2023, 7:11:37 am UTC) from US — Scanned from CH

Summary HTTP 331 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 40 IPs in 9 countries across 43 domains to perform 331 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 24th 2023. Valid for: a year.

This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	169.150.222.217 169.150.222.217	60068 (CDN77 ^_^) (CDN77 ^_^)
12	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	104.20.218.77 104.20.218.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:10:... 2606:4700:10::ac43:2a0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
43	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
89	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
6	2a02:26f0:480... 2a02:26f0:480:9::210:ee0e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
14 44	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2 4	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 4	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
19	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
2 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
3 5	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
4 8	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 2	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
2 2	35.157.117.145 35.157.117.145	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
9	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
5	130.211.44.5 130.211.44.5	15169 (GOOGLE) (GOOGLE)
1 2	108.128.53.154 108.128.53.154	16509 (AMAZON-02) (AMAZON-02)
1	178.63.52.121 178.63.52.121	24940 (HETZNER-AS) (HETZNER-AS)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4	2600:9000:21f... 2600:9000:21f3:5800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	78.46.111.106 78.46.111.106	24940 (HETZNER-AS) (HETZNER-AS)
4	2600:1f18:1ac... 2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e	14618 (AMAZON-AES) (AMAZON-AES)
2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	145.239.2.103 145.239.2.103	16276 (OVH) (OVH)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:237... 2600:9000:237d:8a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	69.20.43.192 69.20.43.192	27357 (RACKSPACE) (RACKSPACE)
4 6	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	216.52.2.86 216.52.2.86	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	52.212.215.149 52.212.215.149	16509 (AMAZON-02) (AMAZON-02)
2 2	52.57.217.9 52.57.217.9	16509 (AMAZON-02) (AMAZON-02)
2 2	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
331	40

5 169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com

www.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::ac43:2a0b (United States)

ASN13335 (CLOUDFLARENET, US)

static-a.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

89 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:480:9::210:ee0e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 172.217.23.98 (United States) 14 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.27.193 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.101 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.102.35.84 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.86.139.94 (France) 3 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2001:678:cb4:bbbb::11 (United Kingdom) 4 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.117.145 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-117-145.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.53.154 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-53-154.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.52.121 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.121.52.63.178.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Weil am Rhein, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:5800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.111.106 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de

hal900027.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.2.103 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns3082036.ip-145-239-2.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:8a00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.89.9.251 (London, United Kingdom) 4 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.86 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.215.149 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-215-149.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.217.9 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-217-9.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2010 (Singapore) 2 redirects

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
142	googlesyndication.com 186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 169 pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com ade.googlesyndication.com — Cisco Umbrella Rank: 333	1 MB
87	doubleclick.net 14 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 329 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 433 ad.doubleclick.net — Cisco Umbrella Rank: 180	484 KB
19	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 408	525 KB
16	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	769 KB
12	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 331	251 KB
11	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 676 rtb0.doubleverify.com — Cisco Umbrella Rank: 1113 rtbc-ew1.doubleverify.com — Cisco Umbrella Rank: 19227 tps.doubleverify.com — Cisco Umbrella Rank: 722 tpsc-ew1.doubleverify.com — Cisco Umbrella Rank: 10200	148 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1083 static.adsafeprotected.com — Cisco Umbrella Rank: 851 dt.adsafeprotected.com — Cisco Umbrella Rank: 765	136 KB
10	xgcartoon.com www.xgcartoon.com static-a.xgcartoon.com — Cisco Umbrella Rank: 680248	493 KB
8	turn.com 4 redirects ad.turn.com — Cisco Umbrella Rank: 1432 r.turn.com — Cisco Umbrella Rank: 6191	3 KB
8	google.com www.google.com — Cisco Umbrella Rank: 11	3 KB
6	onetag-sys.com 4 redirects onetag-sys.com — Cisco Umbrella Rank: 1153	2 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 35069 hal900027.redintelligence.net — Cisco Umbrella Rank: 234112	11 KB
5	smartadserver.com 3 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1011 ssbsync.smartadserver.com — Cisco Umbrella Rank: 1096	2 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 2022	1 KB
4	openx.net 3 redirects us-u.openx.net — Cisco Umbrella Rank: 863 rtb.openx.net — Cisco Umbrella Rank: 1029	1 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 360 secure.adnxs.com — Cisco Umbrella Rank: 806	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026	2 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 1171	1 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 5383	886 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 614	1 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 3472	814 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 1012	1 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 713	948 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 649	912 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1469 s.tribalfusion.com — Cisco Umbrella Rank: 3247	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1562	2 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1260	796 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 509	757 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2803	174 B
1	lkqd.net cs.lkqd.net — Cisco Umbrella Rank: 3391	521 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 1092	447 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 51511	610 B
1	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 84565	34 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 720	32 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 910	363 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164	583 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1332	711 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 11243	551 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 637	149 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1878	256 B
1	statcounter.com c.statcounter.com — Cisco Umbrella Rank: 12701	469 B
0	loopme.me Failed csync.loopme.me Failed
0	spotxchange.com Failed sync.search.spotxchange.com Failed
331	43

	Domain	Requested by
89	pagead2.googlesyndication.com	186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com pagead2.googlesyndication.com securepubads.g.doubleclick.net 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net ad.doubleclick.net www.googletagservices.com
44	cm.g.doubleclick.net	14 redirects googleads.g.doubleclick.net 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
43	tpc.googlesyndication.com	186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com securepubads.g.doubleclick.net 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.xgcartoon.com s0.2mdn.net pagead2.googlesyndication.com ad.doubleclick.net
19	s0.2mdn.net	www.xgcartoon.com s0.2mdn.net 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com ad.doubleclick.net
18	securepubads.g.doubleclick.net	cdn.ampproject.org www.xgcartoon.com 186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
16	www.googletagservices.com	186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com googleads.g.doubleclick.net cdn.doubleverify.com www.googletagservices.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com googleads.g.doubleclick.net
12	cdn.ampproject.org	www.xgcartoon.com cdn.ampproject.org
9	googleads4.g.doubleclick.net	www.xgcartoon.com ad.doubleclick.net
8	www.google.com	31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
6	onetag-sys.com	4 redirects 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	cdn.doubleverify.com	31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com googleads.g.doubleclick.net cdn.doubleverify.com www.xgcartoon.com
6	186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com	cdn.ampproject.org
5	static-a.xgcartoon.com	www.xgcartoon.com
5	www.xgcartoon.com	www.xgcartoon.com cdn.ampproject.org
4	dt.adsafeprotected.com	googleads.g.doubleclick.net
4	hal900027.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900027.redintelligence.net
4	static.adsafeprotected.com	googleads.g.doubleclick.net srcdoc
4	r.turn.com	googleads.g.doubleclick.net
4	ad.turn.com	4 redirects
4	sync.teads.tv	2 redirects googleads.g.doubleclick.net 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	image6.pubmatic.com	3 redirects
3	rtb-csync.smartadserver.com	1 redirects googleads.g.doubleclick.net
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	ade.googlesyndication.com
2	dclk-match.dotomi.com	2 redirects
2	x.bidswitch.net	2 redirects
2	match.360yield.com	2 redirects
2	ap.lijit.com	2 redirects
2	eb2.3lift.com	2 redirects
2	ad.doubleclick.net	www.googletagservices.com
2	ssbsync.smartadserver.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	fw.adsafeprotected.com	1 redirects www.xgcartoon.com
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	pm.w55c.net	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	ups.analytics.yahoo.com	2 redirects
2	31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	tpsc-ew1.doubleverify.com	cdn.doubleverify.com
1	rtb.openx.net	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	tps.doubleverify.com	cdn.doubleverify.com
1	secure.adnxs.com	1 redirects
1	cs.lkqd.net	googleads.g.doubleclick.net
1	s.ad.smaato.net	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	cdn.contentspread.net	hal900027.redintelligence.net
1	ajax.googleapis.com	hal900027.redintelligence.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	um.simpli.fi	1 redirects
1	rtbc-ew1.doubleverify.com	cdn.doubleverify.com
1	hal9000.redintelligence.net	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	region1.google-analytics.com	cdn.ampproject.org
1	c.statcounter.com	www.xgcartoon.com
0	csync.loopme.me Failed	googleads.g.doubleclick.net
0	sync.search.spotxchange.com Failed	googleads.g.doubleclick.net
331	64

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com

Subject Issuer	Validity	Valid
*.xgcartoon.com AlphaSSL CA - SHA256 - G4	`2023-09-24` - `2024-10-25`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
xgcartoon.com GTS CA 1P5	`2023-09-18` - `2023-12-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
redintelligence.net R3	`2023-08-11` - `2023-11-09`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
contentspread.net R3	`2023-08-24` - `2023-11-22`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh

This page contains 47 frames:

Primary Page: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen
Frame ID: 4A79E85D4E83497190BAB7DE88199B86
Requests: 38 HTTP requests in this frame

Frame: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 5940CFFD9348F39D56B7BD9F46004BB5
Requests: 13 HTTP requests in this frame

Frame: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 8D8E51C0490D657DBFC69A5DF2FDAF9B
Requests: 11 HTTP requests in this frame

Frame: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 9B5109839AEAEA59D7DB4815965D2DD8
Requests: 11 HTTP requests in this frame

Frame: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 68753E8B057C1F1F45E0995BD8E07F21
Requests: 11 HTTP requests in this frame

Frame: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: FEFF16DC25C11992303B404AE16FA210
Requests: 11 HTTP requests in this frame

Frame: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 961AE4A47DB50433D8A3ACAF176E33F2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/zrt_lookup.html
Frame ID: 01BB3972D5D4053EB8BAAED6BDE6A684
Requests: 1 HTTP requests in this frame

Frame: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1DB3EB28EDF557C180C303728532985E
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317077743&bpp=597&bdt=623&idt=1122&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2506091661&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31078363%2C44785295%2C31078301%2C21065725%2C31078422&oid=2&pvsid=3429906786545753&tmod=2038617597&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.egtkr3lyjgvg&fsb=1&dtd=1177
Frame ID: 569478023F21196F29030909089C7C60
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317077988&bpp=552&bdt=832&idt=1096&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3184721645&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31077327%2C31078200%2C31078363%2C31078301&oid=2&pvsid=4176355876507025&tmod=580213982&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vqemlxg1lv80&fsb=1&dtd=1180
Frame ID: 87564E551CC0362C42EBBA5AD55D07D2
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY_-am9QEwAQ&v=APEucNXnG5geCqLb0dDauGjQc84RtzNnN_n4pKghBKsyY8ZCgNIo7eHH9PcAuJUv8wwXS9H8ir7Zw2UbMUScYiUse7_5syJyxX5SbX_I3_HY7SW3mNMs1s1-aWVP9hpdpFBy05SLJ_8mIB4El6odtvWFi91oHQhXgvKdKbC9bFl4yoJFMHeaWAk
Frame ID: 5E8931C9AD41A1E6446515A6F752E2A1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078053&bpp=544&bdt=893&idt=1273&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3184721645&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C31078200%2C31078363%2C44798934%2C31078421&oid=2&pvsid=1194333735167736&tmod=2027453976&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rfqukalz123n&fsb=1&dtd=1296
Frame ID: 1331B435DE46C00029A16980582CB367
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394
Frame ID: DA10441CCE51B33C94CDBDB063B322B6
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2D69883539DCCD890DD7A0391FC1A212
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 94B81B85A3ABD0A531203D11F70C2F0E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYksm57AEwAQ&v=APEucNUkOWr0_nB07--uHtOmeuKKHiqMHjfcLvyl5DorfQQEyRo9uClM-xeIhrZ7CFSsUuhgE9yB9ictbNInXbDcSH4HbdDg2suPqQzARSQNcIhUdZpiPobR5BAlVT9UuFwEEWwEY6RPuvyn05Gr2ZSuIH1ZEmXQCuK_BXZ3d2acLtIpR02Wkzo
Frame ID: F894491C63F96A4FE87B90583C4545B6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaxpgEQ5uqlogQY3seC-AEwAQ&v=APEucNU4Uqfgp6TnIuNZnFNQCoGwsRhBf_sXBlLZSG31MuoAvDUPUnqbz6T5pCwJsxCcrozqz8vPpA7e8vmEV8iBi3dVYP7flrqlhdM1s9V26tl-KgxaJj6cXMBLutTU0d-yPTteyl4RM3IzPqvU_ji43p-NL7OjxMnU5xEBHCbDwqGkcj7zL7o
Frame ID: 8BC9BC4CD0E2505541BC390B269BA7E6
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgvTNxQEwAQ&v=APEucNXAnGQJv3RtHl3mmAvS64Hn_KwTFDNQgGhO781qy9Y_2i6oqvKaP7GilI9WrLRXeYGbbQgRrwxC1Jmwl9_DxSdbYsNNJl6-xMpm8mfltTd3ykiyK1RHtZ2jr5qZzURnnn2AraYtJNuRbCu79AAOi1YoumHpL2gjM62ck4_-ccu5WgW3QKY
Frame ID: 8EBD1975AED08A2678DE2A990D240472
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A84261D91BC4E8EDB96DE40A18F4BEB0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNW7TACiAQaJHbEU2PB2Iewr4MzraEsu2vPsfo_AydCndkqyZXt21mvC6gsuXrP7sOjUCjwXVgi32CN1beZOkuTCKE4vy2jWTYaHfgX-KJgOcOzFmByXPU1uZPTUAktf7z_bQpuxgwshJq2rKRim7MRaCS2nTqZnwtHxZhLG1UOBGbdwbas
Frame ID: 1F1DFE793804A6F5633EDDAB9E13AA93
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B8B4746DA3E9244DC6CD36F254AD154C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250
Frame ID: 8D0259263AB79A325BF71574BEC53BC9
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A1D718E1CB8550774166CFCE6F3D9495
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 62E59A0C5916F10C396CA7F6480898D8
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F15B85B0B5FB9AF19C19289E12BE8E90
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4DBBBF658A660968D07C10465AFCDBA4
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17425118478164857034/index.html?ev=01_250
Frame ID: 064B597FFC736183B10C9567D1E48CE7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 217623627311C5689E8C2550BEE0AEC8
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D97E68668836E291FC2B1F61651C96A4
Requests: 1 HTTP requests in this frame

Frame: https://hal900027.redintelligence.net/request_content.php?s=78392200028716804444552012466027&a=6755784b
Frame ID: 3B3E8C5DF81A308B5EF15E2A4E4CE48F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0CD3F56907E1BFDBAD09B31CAEA12DE7
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_300x600.js
Frame ID: 037C06635552244CAE81D38581F20FED
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Frame ID: 53DF18838D9E791C6FBB4FB38018D571
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B6FC73622F7B723FA3E0EF9B26590F05
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4784.js
Frame ID: 95AFBF6F4416F73A30B2B97017F486A8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B790ACB21B10E352FDA0371D38028533
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 711F5B42A2A2D32693DE3786053108E5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4CB9E6015B493BFCE010D75FE35D4B2C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 85D829500992AD93F918A64DEBF53914
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E2D07A0181E650470F9F4EAF9D54694D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7F65E65CDEC883466136ED408E9751AE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C1E6ACCD067B1D640060EC828CB51C9A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C0AEA4E5E3B68381536D14BD59239DF7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B5722FB60B73C980586AD666EF63CDFA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C949747B63BA809E7BEF628C9DACBBE7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 904F8A43E0E3966E438590D0159AF19E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🍱死神BLEACH【劇場版1】無人的回憶（境界劇場版別處的記憶、無人的記憶）【日語】免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

331
Requests

86 %
HTTPS

37 %
IPv6

43
Domains

64
Subdomains

40
IPs

9
Countries

4362 kB
Transfer

11234 kB
Size

44
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cn.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen
Title: 简

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDDYLF_Q_kRRp9cYVAZyF8&google_cver=1

Request Chain 93

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRu.l5qNbAN-sLWhnTV38QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDDYLF_Q_kRRp9cYVAZyF8&google_cver=1&google_hm=2

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKrj9T7Ec6oT9kuraE3T38I&google_cver=1

Request Chain 95

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ2MDk0MDg3MDU1NjYwNzQxMg%3D%3D

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIpcFcQ_8vJCQ6OnUm_8kmg&google_cver=1

Request Chain 123

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWEwZTlhZjctOTYyYi0yMzAxLWU3YmUtYTAxODlmMjM0NTBj

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEEZ8dkhzsz-WL1ABUPujWgk&google_cver=1

Request Chain 125

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjA4MTQxNDAtNTE0ZS00NTU1LWI0ODQtM2Y4MzFkZjcwY2Q5

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECsKURZz8joKZRiys69GQCk&google_cver=1

Request Chain 141

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lX1JlTGRaRTJ1RzROME8yWTJHVWhINjEwZEZCUmtGNH5B

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOkeYSpdLam-PJyBLk31si0&google_cver=1

Request Chain 150

https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_hm=MjE5MjUzNzA4Njg5NjA4NTg1 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOkeYSpdLam-PJyBLk31si0&google_cver=1

Request Chain 156

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1&google_push=AXcoOmQn8kQ690KT7ldbXSNiKYuzCpjvoRRfKed5C2nU8n5i56gpA7dgROVMq4okKcGgPnJ8xVDact69GNKCwKbc-8di1K_54hc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODM5MTQ4MTQzODk3NDg4MTQ5Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1

Request Chain 158

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBpVLK6dqqpcTo_dC6uECo8&google_cver=1&google_push=AXcoOmQOldUNlGmM9VEsD5yKwze3lWxFYLDU2YvIXQouTQye4jyeoW2ow_zQKApbWd4Qj5u41B0X6vlCaaHAhskzBSyVzkF1OD35 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBpVLK6dqqpcTo_dC6uECo8&google_cver=1&google_push=AXcoOmQOldUNlGmM9VEsD5yKwze3lWxFYLDU2YvIXQouTQye4jyeoW2ow_zQKApbWd4Qj5u41B0X6vlCaaHAhskzBSyVzkF1OD35 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Yll0UllzdjUxUU56eVU1&google_gid=CAESEBpVLK6dqqpcTo_dC6uECo8&google_cver=1&google_push=AXcoOmQOldUNlGmM9VEsD5yKwze3lWxFYLDU2YvIXQouTQye4jyeoW2ow_zQKApbWd4Qj5u41B0X6vlCaaHAhskzBSyVzkF1OD35

Request Chain 159

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFM7O3q5vcQa_FTOzcv9Bh4&google_cver=1&google_push=AXcoOmRzdzA5meuaUlRC-En-kB3AddRv-3WLKzxzThYBGm1W4KFW3BTbdhJnp41YCYbCPSkMDbmUpYbr-m5orQkSKqjQbJVCu0QZ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRzdzA5meuaUlRC-En-kB3AddRv-3WLKzxzThYBGm1W4KFW3BTbdhJnp41YCYbCPSkMDbmUpYbr-m5orQkSKqjQbJVCu0QZ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFM7O3q5vcQa_FTOzcv9Bh4&google_cver=1&google_push=AXcoOmRzdzA5meuaUlRC-En-kB3AddRv-3WLKzxzThYBGm1W4KFW3BTbdhJnp41YCYbCPSkMDbmUpYbr-m5orQkSKqjQbJVCu0QZ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRzdzA5meuaUlRC-En-kB3AddRv-3WLKzxzThYBGm1W4KFW3BTbdhJnp41YCYbCPSkMDbmUpYbr-m5orQkSKqjQbJVCu0QZ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 161

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFpBIyLGTB2hSchwEdwS7NM&google_cver=1&google_push=AXcoOmQmIzIAbJWby_H7Un-9p4VrgcQkNzPvfR08y1M7bNwQHmQJPM62cIWEcuchQfhRgJDrCxK3cPkB3QFIHoA0nCMa9HsoVFY HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_25rRT1bSaI0431TXWKwwg&google_push=AXcoOmQmIzIAbJWby_H7Un-9p4VrgcQkNzPvfR08y1M7bNwQHmQJPM62cIWEcuchQfhRgJDrCxK3cPkB3QFIHoA0nCMa9HsoVFY

Request Chain 162

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDXTAYAqMJs9zE8Bg1yCdaw&google_cver=1&google_push=AXcoOmRLbIYN2VzyBlRO7Q5tmdmmcHpS3ZFnmRTfecMEBSpd8uSEUrKCxgnBaWer5gy2HyR_Trj4phWEFId3hicWDEBNC9142DBq HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDXTAYAqMJs9zE8Bg1yCdaw&google_cver=1&google_push=AXcoOmRLbIYN2VzyBlRO7Q5tmdmmcHpS3ZFnmRTfecMEBSpd8uSEUrKCxgnBaWer5gy2HyR_Trj4phWEFId3hicWDEBNC9142DBq&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rATpeIk_SYCmF8QwgeV6ZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRLbIYN2VzyBlRO7Q5tmdmmcHpS3ZFnmRTfecMEBSpd8uSEUrKCxgnBaWer5gy2HyR_Trj4phWEFId3hicWDEBNC9142DBq

Request Chain 199

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1&google_push=AXcoOmRyScOqMicfLB8_ucPPqA5Anrqx_0PGovAFzmcNHE4uSIdmvR2-UkWIsEOZpUwYoVVJEot45K7p2sOVYKqn233hSgK5imk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODM5MTQ4MTQzODk3NDg4MTQ5Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1

Request Chain 200

https://um.simpli.fi/gp_match?google_gid=CAESEDAQaYdf9-W6qzR-cgyGa-c&google_cver=1&google_push=AXcoOmTNBfSH7DLViy7NdGIpAJnv_HydR-frZz3AwEVztJR5-lRF4vLiYaYaDMpbeJ1iH7y1P2tjA5qjq9hugpfKpW7ASjyF56U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=720EB514B20A488FAC93663AA87B997D&google_push=AXcoOmTNBfSH7DLViy7NdGIpAJnv_HydR-frZz3AwEVztJR5-lRF4vLiYaYaDMpbeJ1iH7y1P2tjA5qjq9hugpfKpW7ASjyF56U

Request Chain 201

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECF1QWT-bNb76wVs4LLzTj0&google_cver=1&google_push=AXcoOmShKKW9SSbDVyqDgLLrFqurQIlT0Ezn5bEIN8SoYK3gZ3YTsX2_6a1jvY575mtjBglhNQQZTNi0Tq4b47piIV5RMwmZbyw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NTYyNjM5MDg1MzU4MDk0NQ%3D%3D&google_push=AXcoOmShKKW9SSbDVyqDgLLrFqurQIlT0Ezn5bEIN8SoYK3gZ3YTsX2_6a1jvY575mtjBglhNQQZTNi0Tq4b47piIV5RMwmZbyw

Request Chain 203

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGVBTlxLgbqz52rwmzEnO_g&google_cver=1&google_push=AXcoOmT-2jgDsTRvzoigc-UUJidGvZVv7KYtL91y27ATWUoetDelYW8yCg_gsezatyGR_7z2rB1LN6kckjqMSUeJo9uskuxSMA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE45WkU1VVQtUS1GN0c3&google_push=AXcoOmT-2jgDsTRvzoigc-UUJidGvZVv7KYtL91y27ATWUoetDelYW8yCg_gsezatyGR_7z2rB1LN6kckjqMSUeJo9uskuxSMA

Request Chain 204

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFjQDDeTia6ExhVOaKejzmA&google_cver=1&google_push=AXcoOmSmtKVWAw7roFntc6zUoogV-f_-ZupBdo2mNNwEepDqOTUEOFkhi_nhUOW3bZ6MmG2NVo7m-6PMnck3i825alOaY8To1AE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSmtKVWAw7roFntc6zUoogV-f_-ZupBdo2mNNwEepDqOTUEOFkhi_nhUOW3bZ6MmG2NVo7m-6PMnck3i825alOaY8To1AE&google_hm=NDQwNzg1NDIzMjYzODY4OTIyMg%3D%3D

Request Chain 208

https://fw.adsafeprotected.com/rfw/st/990511/61634099/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-5884294479391638&ias_chanId=1&ias_placementId=20338657638&bidurl=https://www.xgcartoon.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0idesWqTykOBv-D_eVrBY-6&adContainerId=brand_safety_mL4bZaLyHubC9u8PqMWqqAQ&cbFunctionName=goog_wrapCb_mL4bZaLyHubC9u8PqMWqqAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.xgcartoon.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5884294479391638%26output%3Dhtml%26h%3D600%26slotname%3D3654094576%26adk%3D3568108137%26adf%3D3173046730%26pi%3Dt.ma~as.3654094576%26w%3D300%26url%3Dhttps%253A%252F%252Fwww.xgcartoon.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1696317078053%26bpp%3D544%26bdt%3D893%26idt%3D1273%26shv%3Dr20230928%26mjsv%3Dm202309210101%26ptt%3D5%26saldr%3Dsd%26is_amp%3D1%26correlator%3D3755%26frm%3D24%26ife%3D3%26pv%3D2%26nhd%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D0%26ish%3D0%26ifk%3D3184721645%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759927%252C44759876%252C31078200%252C31078363%252C44798934%252C31078421%26oid%3D2%26pvsid%3D1194333735167736%26tmod%3D2027453976%26uas%3D0%26nvt%3D1%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C0%252C0%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3D1.rfqukalz123n%26fsb%3D1%26dtd%3D1296&adsafe_type=d&adsafe_jsinfo=,id:3c8923ae-1fde-24de-a437-1e275151bb4f,c:pXYfcT,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-jrpd5,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:5,mot:0,app:0,maw:0,fm:tRBzBEe+111%7C1121%7C1122%7C1211%7C1212%7C1213%7C1214%7C131*.990511-61634099%7C1311%7C1312%7C1313%7C1314%7C141%7C1421%7C1422%7C1431%7C144%7C1511%7C1512,idMap:131*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:98,oid:0e0a5caa-61bc-11ee-87c2-1661541dee81,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

Request Chain 211

https://hal900027.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=c4e3d8fff3&subid=&uid=35f4ec3c31183dd6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=120x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_8tjl74bZfDCJbuqxdwP9-yOuAOm5b2gae2NnKfJD_AuEAEg08vOMGCVAsgBCakCcQ9KO2mUsT6oAwHIA5sEqgTqAU_Q2AgKIUV7gOopRNdHUaELljF8gWkABINvF9ExfPMCbpPKyG3gvty5Y_OkujjO_hLLZKYMNb3lg9n84gVxuY7x9YVjG-zhFFFZK3Zkwa0N-sVH1avCadz429k8_wWY0bJfOC3KCOLhifV1vnfFgkFTa2V78RzcEhnlpQ5SZrDSpA1A7_wAA_5Qu0ygyWF2G0W58Alvdym4Kr6WgW-Nqzh3EztzxsA_rFwidLf6JNpqydr34q4Ez1iGAiNGyLvAKz72xL7yAoi45CP8qjFIApMkYo24aVU7z6s5m0sskEAB1PwnBfTLMYkNpsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIsOrTx6nZgQMVO1WRBR13tgM3EAEYASAAEgLd8vD_BwE%26num%3D1%26cid%3DCAQSKQDICaaNbOO9D5gEQK8ITM8QDPQ_GYKwK0X7CYNjRCqDl6caIj5SGQiMGAE%26sig%3DAOD64_2kEiAn3fjGBUAo8vnyAfbWmD6sGQ%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Dhp4OVULcIk4iOAfx0d0KWlsEwQTQH45wZH94UFSN6Mzrnr1r3nFBIwtpZ960RU8BliYud_-Qu1yuVHggA7yWgVzYkoRAUsb3AX4UKiab3Y0KlbCUgvbhPEuGAGS85Eaiu51Ibvgt9W9FogLnrNvuemuVQ3BZ33uPKxM_cAOvdZWrtbgQ%26cry%3D1%26dbm_d%3DAKAmf-Dz7N5lAGp1gUGJs5IRDI-2NZrmk05SYB9mDANBpUaZqAdEJrmOID3YRBECRzBytJ1NM7dClGdYRqIA0igudr4VJOzWzDWxZta0P5zTlcqbA7TUPw_FnJx-qdm03w2TJfG7VCrC7BGKR7d-j2nPLy86-WzYa-Mv79LCHv0bA02oNHTgsm_WsLzu-yzfJGh5CBLtTOKk1nYVVzYwvGjh_OqeuDdlA7xYsQ9hzD5TyNguNOu60i59V1bxzprq7htPDeVNAs58-hcaOQOE6zUPs7UOlDMLtuIttPYGeE4a4MFQzDIVYSE4uhXsJhdW71RIev2ObJ79gzF4flJgBcrnKL5hXfuw2dOvjUksAG0tlCZXDm-lE7wrBOzgJRUr8W78VArVhIPq4fwLiiFV0XIj6_GDXh-MxEmyZxZ5MQC9HdgpYFliLt5Yxl1AyOm6U4xYwI2BE3Ehu42olzzsDWHNeFsBfFozZTpqGj_HQv2WiyFCAtl697HZYsu4-hH12X7QqMRlOw4VQpjchYDMBE4AOwyxMocSiMkOOtopWbHBArwK1sK6tPM%26adurl%3D&documentReferer=https%3A%2F%2F186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=7985874959373&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900027.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=c4e3d8fff3&subid=&uid=35f4ec3c31183dd6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=120x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_8tjl74bZfDCJbuqxdwP9-yOuAOm5b2gae2NnKfJD_AuEAEg08vOMGCVAsgBCakCcQ9KO2mUsT6oAwHIA5sEqgTqAU_Q2AgKIUV7gOopRNdHUaELljF8gWkABINvF9ExfPMCbpPKyG3gvty5Y_OkujjO_hLLZKYMNb3lg9n84gVxuY7x9YVjG-zhFFFZK3Zkwa0N-sVH1avCadz429k8_wWY0bJfOC3KCOLhifV1vnfFgkFTa2V78RzcEhnlpQ5SZrDSpA1A7_wAA_5Qu0ygyWF2G0W58Alvdym4Kr6WgW-Nqzh3EztzxsA_rFwidLf6JNpqydr34q4Ez1iGAiNGyLvAKz72xL7yAoi45CP8qjFIApMkYo24aVU7z6s5m0sskEAB1PwnBfTLMYkNpsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIsOrTx6nZgQMVO1WRBR13tgM3EAEYASAAEgLd8vD_BwE%26num%3D1%26cid%3DCAQSKQDICaaNbOO9D5gEQK8ITM8QDPQ_GYKwK0X7CYNjRCqDl6caIj5SGQiMGAE%26sig%3DAOD64_2kEiAn3fjGBUAo8vnyAfbWmD6sGQ%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Dhp4OVULcIk4iOAfx0d0KWlsEwQTQH45wZH94UFSN6Mzrnr1r3nFBIwtpZ960RU8BliYud_-Qu1yuVHggA7yWgVzYkoRAUsb3AX4UKiab3Y0KlbCUgvbhPEuGAGS85Eaiu51Ibvgt9W9FogLnrNvuemuVQ3BZ33uPKxM_cAOvdZWrtbgQ%26cry%3D1%26dbm_d%3DAKAmf-Dz7N5lAGp1gUGJs5IRDI-2NZrmk05SYB9mDANBpUaZqAdEJrmOID3YRBECRzBytJ1NM7dClGdYRqIA0igudr4VJOzWzDWxZta0P5zTlcqbA7TUPw_FnJx-qdm03w2TJfG7VCrC7BGKR7d-j2nPLy86-WzYa-Mv79LCHv0bA02oNHTgsm_WsLzu-yzfJGh5CBLtTOKk1nYVVzYwvGjh_OqeuDdlA7xYsQ9hzD5TyNguNOu60i59V1bxzprq7htPDeVNAs58-hcaOQOE6zUPs7UOlDMLtuIttPYGeE4a4MFQzDIVYSE4uhXsJhdW71RIev2ObJ79gzF4flJgBcrnKL5hXfuw2dOvjUksAG0tlCZXDm-lE7wrBOzgJRUr8W78VArVhIPq4fwLiiFV0XIj6_GDXh-MxEmyZxZ5MQC9HdgpYFliLt5Yxl1AyOm6U4xYwI2BE3Ehu42olzzsDWHNeFsBfFozZTpqGj_HQv2WiyFCAtl697HZYsu4-hH12X7QqMRlOw4VQpjchYDMBE4AOwyxMocSiMkOOtopWbHBArwK1sK6tPM%26adurl%3D&documentReferer=https%3A%2F%2F186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=7985874959373&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 256

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1&google_push=AXcoOmR7V6NG4UrY63LF59RL8tQrzj_SNW-CrV4snJtxHLJRHMr1lKNk5EvYEu2oMpsrwkzMsAzUXwoXtZ-o72QUrnrUOjugXkwh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODM5MTQ4MTQzODk3NDg4MTQ5Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1

Request Chain 257

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFMHddObDVPk-lUx1EBHBCw&google_cver=1&google_push=AXcoOmTDFJc4Kx_fzFpiM2eQ0hWQU7Paa73COTskHv9eZx8XiEIQv9rV0sxZ6C1OgVGbzqVtq1le-pBazxC_qm0dhaAMrniDxSc HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmTDFJc4Kx_fzFpiM2eQ0hWQU7Paa73COTskHv9eZx8XiEIQv9rV0sxZ6C1OgVGbzqVtq1le-pBazxC_qm0dhaAMrniDxSc&google_hm=i22L8UE0jGwXvCTOud2h9w

Request Chain 258

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECbf5S16Eg8-KqIk5UbcRpQ&google_cver=1&google_push=AXcoOmREqFhhcEwZEjcm36BzcittGHNhE1zbzQg8Y2WtXZKsASkJyF2jHJuPBqA9LBPiKn37i3AbJw5KVNdHTAwannMZPmVFj8H8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmREqFhhcEwZEjcm36BzcittGHNhE1zbzQg8Y2WtXZKsASkJyF2jHJuPBqA9LBPiKn37i3AbJw5KVNdHTAwannMZPmVFj8H8&google_hm=a7vFj4FORXGZNyfuRK1-aRY

Request Chain 259

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDXTAYAqMJs9zE8Bg1yCdaw&google_cver=1&google_push=AXcoOmTfhCUV06vbBxcmFCoyT_2MCjMr0rA7f6ne7h4Gxhez09pJq28tnbPk16FVoVv1npOKDoU3VVLOpxW8pZcX_JSeVhknEC4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rATpeIk_SYCmF8QwgeV6ZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTfhCUV06vbBxcmFCoyT_2MCjMr0rA7f6ne7h4Gxhez09pJq28tnbPk16FVoVv1npOKDoU3VVLOpxW8pZcX_JSeVhknEC4

Request Chain 260

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEM9_Nygk0AMtaT-h3VVgZIA&google_cver=1&google_push=AXcoOmStBNgg3SnuT4sPXb5IkpXk0Eo0CKW_au1K13cvMPZkr7Ki24XZzXoupkvb72UR66ANgeqy4CsOhVC0wGAEhOWFdF3h3wk HTTP 302
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=f4bcecbf15&gdpr=0&gdpr_consent=

Request Chain 261

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMXbCNcGp3AdRqZxMG43lik&google_cver=1&google_push=AXcoOmR66AU0thE5i08lDWeTqelompMMeeqEka9TkrtiXgnwIC1FWY9iCW-frudLVtWx8yoEbfiw66xV9Ec6vi8N-tMIbL6xJYhR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR66AU0thE5i08lDWeTqelompMMeeqEka9TkrtiXgnwIC1FWY9iCW-frudLVtWx8yoEbfiw66xV9Ec6vi8N-tMIbL6xJYhR

Request Chain 262

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG-HL8ZPG9zbZZRgoaIvXh8&google_cver=1&google_push=AXcoOmSBgFfQolVmK6_4bGKVP0qUZX3nFdXEN2vSnuyZLoBxm-kHnyZpAdvHQ2nYEkObWvppCfRO2QZZqEjnwE1A3QqX76Kcmw HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSBgFfQolVmK6_4bGKVP0qUZX3nFdXEN2vSnuyZLoBxm-kHnyZpAdvHQ2nYEkObWvppCfRO2QZZqEjnwE1A3QqX76Kcmw&google_gid=CAESEG-HL8ZPG9zbZZRgoaIvXh8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ3MDE1MDI1NTMzODI0NzMzODgw&google_push=AXcoOmSBgFfQolVmK6_4bGKVP0qUZX3nFdXEN2vSnuyZLoBxm-kHnyZpAdvHQ2nYEkObWvppCfRO2QZZqEjnwE1A3QqX76Kcmw

Request Chain 276

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEN9SNHsp9S0MRdmEYygxcvI&google_cver=1&google_push=AXcoOmR_cl3tRgxXEQv9QR2ozaJni85NYTlpCZC3KfrrL5dpmqjpk25RCUU83h34qv11w0b9FmRqOPRrN5NS6vZ3Ajo-zMKVkvIe HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEN9SNHsp9S0MRdmEYygxcvI&google_cver=1&google_push=AXcoOmR_cl3tRgxXEQv9QR2ozaJni85NYTlpCZC3KfrrL5dpmqjpk25RCUU83h34qv11w0b9FmRqOPRrN5NS6vZ3Ajo-zMKVkvIe&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmR_cl3tRgxXEQv9QR2ozaJni85NYTlpCZC3KfrrL5dpmqjpk25RCUU83h34qv11w0b9FmRqOPRrN5NS6vZ3Ajo-zMKVkvIe&google_hm=HbEPsGZHK5tnlEz1Qh-OQTHG

Request Chain 277

https://match.360yield.com/match/ebda?google_gid=CAESEFkWTclvXhKGzbeBwKClNgo&google_cver=1&google_push=AXcoOmQjhU38dE1K17ibLRFNIsh3Hs8E79pX56uQKLbQlE6tC2MPBl-W2rwcVVoWnY6j__FbPOAjW8CBHxjPViFrgfbJXTfqCtDe6g HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFkWTclvXhKGzbeBwKClNgo&google_cver=1&google_push=AXcoOmQjhU38dE1K17ibLRFNIsh3Hs8E79pX56uQKLbQlE6tC2MPBl-W2rwcVVoWnY6j__FbPOAjW8CBHxjPViFrgfbJXTfqCtDe6g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=zStu-6cQSRiVXlKJDtk4aA&google_push=AXcoOmQjhU38dE1K17ibLRFNIsh3Hs8E79pX56uQKLbQlE6tC2MPBl-W2rwcVVoWnY6j__FbPOAjW8CBHxjPViFrgfbJXTfqCtDe6g

Request Chain 278

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFjQDDeTia6ExhVOaKejzmA&google_cver=1&google_push=AXcoOmR2DANEtrpVAj5owQ58ZX8ZpBZAMV-YjJkKcVsYaI2hUjEjItt9_nFBfAYSVDNt4LNa9TnjEXZUU7TCWhpft9iHnlXKSmA7kQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR2DANEtrpVAj5owQ58ZX8ZpBZAMV-YjJkKcVsYaI2hUjEjItt9_nFBfAYSVDNt4LNa9TnjEXZUU7TCWhpft9iHnlXKSmA7kQ&google_hm=NDQwNzg1NDIzMjYzODY4OTIyMg%3D%3D

Request Chain 279

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMXbCNcGp3AdRqZxMG43lik&google_cver=1&google_push=AXcoOmTWB_WauEa9yaemx6lKlrkYOHhF1utvyW6iBCxx4SyDDjr0PzvXrTcoNUOGCphn_osrEOpxX42GZ8HW-tzlZ2cenM2ALZHfiiA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTWB_WauEa9yaemx6lKlrkYOHhF1utvyW6iBCxx4SyDDjr0PzvXrTcoNUOGCphn_osrEOpxX42GZ8HW-tzlZ2cenM2ALZHfiiA HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 280

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENfSJJwgmxsZ3NikNl1ImYY&google_cver=1&google_push=AXcoOmSH3xBFWYtP2Kyw1u92Bh9C-Y761Oi5i99zPjgVIofBYjKsxdIdHz32qHlIVsmdo6XVpJjSdF0Ae_3d00sQJGGZNxOjq_ToGOQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NzlmZjhjYjYtNDczMy00YTkxLWIxMmItNjM0ZTczMTgyMzc2&google_push=AXcoOmSH3xBFWYtP2Kyw1u92Bh9C-Y761Oi5i99zPjgVIofBYjKsxdIdHz32qHlIVsmdo6XVpJjSdF0Ae_3d00sQJGGZNxOjq_ToGOQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 281

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEL2gAmek2bRGCoAC_dZf1jY&google_cver=1&google_push=AXcoOmRWZolSRGKNLEB2S5mqSprM_IemW2GpVAdyJt2qDBPWddVxlhTD5ewDhng9ge5FN5l7l78h_c_HY57_MUeVEYWL9KGfZXY6rSU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODQ2MDk0MDg3MDU1NjYwNzQxMg%3D%3D&google_gid=CAESEL2gAmek2bRGCoAC_dZf1jY&google_cver=1&google_push=AXcoOmRWZolSRGKNLEB2S5mqSprM_IemW2GpVAdyJt2qDBPWddVxlhTD5ewDhng9ge5FN5l7l78h_c_HY57_MUeVEYWL9KGfZXY6rSU

Request Chain 282

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDUQYuWco1obVEgNxCLoqCA&google_cver=1&google_push=AXcoOmQ3ROVEG1ZpHC0-rbbl754ZlWzOz7W_WbpKTJpwcQhBQbFHG6PFqkLJdtXYfSq0AmpUvyNIdRHpMyBNA7_Q0PVCq3KxZPFTtJc HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDUQYuWco1obVEgNxCLoqCA&google_cver=1&google_push=AXcoOmQ3ROVEG1ZpHC0-rbbl754ZlWzOz7W_WbpKTJpwcQhBQbFHG6PFqkLJdtXYfSq0AmpUvyNIdRHpMyBNA7_Q0PVCq3KxZPFTtJc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=063148ff-632a-4ea7-9061-a54988eacbaf&%%GOOGLE_PUSH_PAIR%%

Request Chain 289

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1&google_push=AXcoOmSReBdg4C2PW5GXUaksG1FJQfUKpr7FJcwRnXKJLJvgRY9Tbc-lfCvxgY2Jb-vBqcRHgQle65lSN9SqyPIJGkm9Ds_jn6-O HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODM5MTQ4MTQzODk3NDg4MTQ5Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1

Request Chain 290

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBDCPgUf5xWQlQeUN7eZwEA&google_cver=1&google_push=AXcoOmQiEahJ3Ywf5qYsLVrjrG6BDdgPjAcRK9MsjovJGx6TbjdbhhdDikyF1pCvH21aS3yAJrOw3T_7z2u3IM0VjmPG4p0EmSI HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1630d6f3249917e6&is_secure=true&networkId=14000&version=1&google_gid=CAESEBDCPgUf5xWQlQeUN7eZwEA&google_cver=1&google_push=AXcoOmQiEahJ3Ywf5qYsLVrjrG6BDdgPjAcRK9MsjovJGx6TbjdbhhdDikyF1pCvH21aS3yAJrOw3T_7z2u3IM0VjmPG4p0EmSI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI8tDGkT5SxgMWvLhaAAAAAAA&expiration=1696403486&google_cver=1&is_secure=true&google_gid=CAESEBDCPgUf5xWQlQeUN7eZwEA&google_push=AXcoOmQiEahJ3Ywf5qYsLVrjrG6BDdgPjAcRK9MsjovJGx6TbjdbhhdDikyF1pCvH21aS3yAJrOw3T_7z2u3IM0VjmPG4p0EmSI

Request Chain 292

https://rtb.openx.net/sync/dds?google_gid=CAESEA25OVsr7OjFr1weXo6LkF8&google_cver=1&google_push=AXcoOmSAovm4cqKrfmfhokcRCh-1xoNPeGSeMDDaKG7b2Pv3I3WBBQEpPm_GF7YODTLuyuSxnWfVcpoN7k-hoPEahEozmS5cs2k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSAovm4cqKrfmfhokcRCh-1xoNPeGSeMDDaKG7b2Pv3I3WBBQEpPm_GF7YODTLuyuSxnWfVcpoN7k-hoPEahEozmS5cs2k&google_hm=6TfDAfbaxIsUKrYWhtix1g==

Request Chain 293

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGVBTlxLgbqz52rwmzEnO_g&google_cver=1&google_push=AXcoOmRIAdpu0Aq24LerN_VCSOEl6G8jb8lub0233wfyF0JLAYA85Hpex34acewySMdUh35PeURzdCZs5mwQQJk1Ds-vT4G4ZJuI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE45WkU4RkUtRy1FSzNB&google_push=AXcoOmRIAdpu0Aq24LerN_VCSOEl6G8jb8lub0233wfyF0JLAYA85Hpex34acewySMdUh35PeURzdCZs5mwQQJk1Ds-vT4G4ZJuI

Request Chain 294

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMXbCNcGp3AdRqZxMG43lik&google_cver=1&google_push=AXcoOmT-PrAPMk1-V-jq0JU5zEm1bdRNseJ3NmZ7bPlFd4kdzIu8hRtKKBHvXyRYJ1sX0-n7SBVfQbJMD-TkNHjUjHCx_g02481f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT-PrAPMk1-V-jq0JU5zEm1bdRNseJ3NmZ7bPlFd4kdzIu8hRtKKBHvXyRYJ1sX0-n7SBVfQbJMD-TkNHjUjHCx_g02481f

Request Chain 295

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMXbCNcGp3AdRqZxMG43lik&google_cver=1&google_push=AXcoOmTk78oTyRrOZB89ebcptuOCA1tFTdVnDPH0rT5MAUsgvQ6dIHaRSzpgzEwfIxk-3N0NwUC5X7XwdavzionI7sMf9G_0mld_Ow HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTk78oTyRrOZB89ebcptuOCA1tFTdVnDPH0rT5MAUsgvQ6dIHaRSzpgzEwfIxk-3N0NwUC5X7XwdavzionI7sMf9G_0mld_Ow HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

331 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen Show response
www.xgcartoon.com/detail/ 77 KB
17 KB 940ms
454ms Document
text/html 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bf1a325a0a06b0ef841140d2afa846981bcb44075230923b7b1821ff9c62c64b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 03 Oct 2023 07:11:14 GMT
etag: "1326e-aWs23goJJzFdVNwQXcKz3x+uARo"
expires: Tue, 03 Oct 2023 07:12:14 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 137ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb674de5636ad731f83bbd141aaac1337fd1539cf7976b59f7dbf17730c1dac6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 03 Oct 2023 07:11:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73010
x-xss-protection: 0
server: sffe
etag: "b44d49b4390daba4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Oct 2023 07:11:15 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
23 KB 186ms
87ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6f226bf73d309afec0f8136aadcd4c31a5fb38158edc76f2be201529cea88e4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 03 Oct 2023 07:11:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23140
x-xss-protection: 0
server: sffe
etag: "f5b07adb469547c2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Oct 2023 07:11:15 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
9 KB 165ms
72ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa1305d7baebcaaca830bdaa875d69c9ffaf511c107d90d6c94d505589d6dc67

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 03 Oct 2023 07:11:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9433
x-xss-protection: 0
server: sffe
etag: "b14eeeba16ce92c6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Oct 2023 07:11:15 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
15 KB 205ms
112ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94c849575fe72d56d0355d4e41ce8eab134584f902f1e6e6e929c6b5c73e0f1b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 03 Oct 2023 07:11:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14981
x-xss-protection: 0
server: sffe
etag: "a6229935c5b0422a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Oct 2023 07:11:15 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
15 KB 218ms
126ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3fe2201aeda9050d5a049b03528e35c36bc20298f05b3e5e2a3574c385b683d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 03 Oct 2023 07:11:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15378
x-xss-protection: 0
server: sffe
etag: "3b480126f8007a6f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Oct 2023 07:11:15 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 172ms
80ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b99ee275208ffdee7bbd9fdaade2698a3709c3fd608d82d9670ecdc7e05d132d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 03 Oct 2023 07:11:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4743
x-xss-protection: 0
server: sffe
etag: "603c8b5d2fa04c60"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Oct 2023 07:11:15 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cefd5bd9a30367cb1a5e8dc7168f1515a31a53786b415865c867c221c74b5ace

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 03 Oct 2023 07:11:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10347
x-xss-protection: 0
server: sffe
etag: "a73f5bd113ba16d2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Oct 2023 07:11:15 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b22b527a652c53284f5339711a08c2ef2667565d35c09e38f835593e2fdea9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 03 Oct 2023 07:11:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32178
x-xss-protection: 0
server: sffe
etag: "ecb8b9e35f89310d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 03 Oct 2023 07:11:15 GMT

GET
H2 200 /
c.statcounter.com/12916097/0/c55d9f9f/1/ 49 B
469 B 251ms
179ms Image
image/gif 104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray: 81035eb8f9fdbabd-MXP
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 logo.png
www.xgcartoon.com/img/ 13 KB
13 KB 242ms
241ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/logo.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:15 GMT
last-modified: Sun, 28 Aug 2022 14:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"3473-182e4ca3706"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 13427
expires: Tue, 03 Oct 2023 07:14:15 GMT

GET
H2 200 sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen.jpg
static-a.xgcartoon.com/cover/ 161 KB
161 KB 1135ms
1041ms Image
image/png 2606:4700:10::ac43:2a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen.jpg?w=230&h=280&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 289a63329e779d0f0bdf9cd870d5c4f96ef6a5d8ee8ba4fe40ac02a7b9c8e8b1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:16 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Feb 2023 11:25:26 GMT
server: cloudflare
etag: "541A6A1AED0015101C8743FAED8CCEB7"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 81035ebb7aea374f-MXP
content-length: 164742
expires: Tue, 03 Oct 2023 18:01:33 GMT

GET
H2 200 play.png
www.xgcartoon.com/img/ 470 B
667 B 253ms
252ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/play.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:15 GMT
last-modified: Wed, 17 Aug 2022 11:09:20 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1d6-182ab7e5700"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 470
expires: Tue, 03 Oct 2023 07:14:15 GMT

GET
H2 200 star.png
www.xgcartoon.com/img/ 424 B
621 B 249ms
249ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/star.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:15 GMT
last-modified: Wed, 17 Aug 2022 11:09:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1a8-182ab7e37c0"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 424
expires: Tue, 03 Oct 2023 07:14:15 GMT

GET
H2 200 mowangxueyuandebushirenzheshishangzuiqiangdemowangshizu_zhuanshengjiuduzisunmendexuexiaodi2jiriyu-qiu.jpg
static-a.xgcartoon.com/cover/ 86 KB
86 KB 1133ms
1040ms Image
image/png 2606:4700:10::ac43:2a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/mowangxueyuandebushirenzheshishangzuiqiangdemowangshizu_zhuanshengjiuduzisunmendexuexiaodi2jiriyu-qiu.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 375ce5168faa6d90408b9633e21396a96702d510a2770e5ed166ea0d29119eae

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:16 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 04:07:22 GMT
server: cloudflare
etag: "A9193FEBFCD107E42A850E5556C29686"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 81035ebb7aeb374f-MXP
content-length: 87886
expires: Wed, 04 Oct 2023 15:27:25 GMT

GET
H2 200 zhanguobasara_di2jizhanguoposhaluo_erriyu-capcom.jpg
static-a.xgcartoon.com/cover/ 78 KB
78 KB 1051ms
959ms Image
image/png 2606:4700:10::ac43:2a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/zhanguobasara_di2jizhanguoposhaluo_erriyu-capcom.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03a90b3fc63207809462f0b5f2eca5165963c2493ae933939930006417351596

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:16 GMT
cf-cache-status: HIT
last-modified: Wed, 21 Dec 2022 04:00:19 GMT
server: cloudflare
etag: "C54D3CA46014ADD959BA5CB947ADB634"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 81035ebb7aee374f-MXP
content-length: 79414
expires: Tue, 03 Oct 2023 11:23:07 GMT

GET
H2 200 chenglonglixianjixilieguoyu-longzhibaogongzuoshi.jpg
static-a.xgcartoon.com/cover/ 72 KB
72 KB 1133ms
1041ms Image
image/png 2606:4700:10::ac43:2a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/chenglonglixianjixilieguoyu-longzhibaogongzuoshi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc526f9cea36c3bb804ff71878fae243dabe9f97e2dac555f54a7b2270190bd6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:16 GMT
cf-cache-status: HIT
last-modified: Sun, 20 Nov 2022 02:28:40 GMT
server: cloudflare
etag: "8C7CCFE6BC2C0D07669B8619D781584D"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 81035ebb7aef374f-MXP
content-length: 73260
expires: Wed, 04 Oct 2023 12:30:14 GMT

GET
H2 200 shumabaobei02shumabaobeidamaoxian02shumabaolong02shumabaobeidamaoxian02dierbuguoyu-benxiangzhaoyou.jpg
static-a.xgcartoon.com/cover/ 62 KB
62 KB 1102ms
1011ms Image
image/png 2606:4700:10::ac43:2a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/shumabaobei02shumabaobeidamaoxian02shumabaolong02shumabaobeidamaoxian02dierbuguoyu-benxiangzhaoyou.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b27d5c08d1131cab6859b75e31b642f049da02cffeb705334376e5095653aecf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:16 GMT
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 01:37:29 GMT
server: cloudflare
etag: "46A3A5029523CE957A4B4013C65C96FE"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 81035ebb7af0374f-MXP
content-length: 63667
expires: Wed, 04 Oct 2023 09:50:42 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012309151607000/v0/ 8 KB
3 KB 100ms
32ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141a9b0b0492c8b4e7deb1e0537c69d01a3af169bf0c6e3a70c027856fdcedf4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 26 Sep 2023 19:31:14 GMT
age: 560401
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2976
x-xss-protection: 0
server: sffe
etag: "07fb3dc7eac63481"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Sep 2024 19:31:14 GMT

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012309151607000/v0/ 237 KB
63 KB 69ms
37ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa4a7bb3250246172fb936a76cad3eda063687abf10aeef1780a2fb659a9abc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 26 Sep 2023 19:31:14 GMT
age: 560401
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64071
x-xss-protection: 0
server: sffe
etag: "554c2edaf6ccd50b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Sep 2024 19:31:14 GMT

GET
DATA 200
OK truncated
/ 393 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 953 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 792 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 154 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012309151607000/v0/ 12 KB
4 KB 56ms
36ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce5d2c5db39edc66c10096838a6c9c92a20e3d2b3f1f19a274bbd2848a8f2e07

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 26 Sep 2023 19:31:14 GMT
age: 560401
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3936
x-xss-protection: 0
server: sffe
etag: "3d96bab6a7d5a37d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Sep 2024 19:31:14 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
14 KB 367ms
241ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309151607000&d_imp=1&c=3003755&ga_cid=amp-RShIgk_xtzVmnFZBkaFm3g&ga_hid=3755&dt=1696317075988&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fsishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen&bdt=719&dtd=61&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a4bdcfef47571b37c2abbe7e91e7ad39795487995525e0da25ce0334e3ab770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:16 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13261
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CMuGhcap2YEDFbOT_QcdA_IAFQ
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027453313
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 03 Oct 2023 07:11:16 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 1089ms
969ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=837&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309151607000&d_imp=1&c=3003755&ga_cid=amp-RShIgk_xtzVmnFZBkaFm3g&ga_hid=3755&dt=1696317075989&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fsishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen&bdt=720&dtd=68&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8141811b27a456809c95cb051c9f1f77d4c44b4f28d8f55a27dddc0e26ea6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:17 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 120x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13266
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CNyrhcap2YEDFRSb_Qcdwg8Bww
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351398969
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 03 Oct 2023 07:11:17 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 875ms
757ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309151607000&d_imp=1&c=3003755&ga_cid=amp-RShIgk_xtzVmnFZBkaFm3g&ga_hid=3755&dt=1696317075989&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fsishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen&bdt=720&dtd=69&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27aee1d5ef1ac486b91a739d226b34ca1d58beccc1f4e401fc70ad129faad014

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:16 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 320x50
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13246
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CPKahcap2YEDFWf9uwgdHGQFeg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027455953
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 03 Oct 2023 07:11:16 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 691ms
575ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309151607000&d_imp=1&c=3003755&ga_cid=amp-RShIgk_xtzVmnFZBkaFm3g&ga_hid=3755&dt=1696317075989&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fsishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen&bdt=720&dtd=71&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98873d2f2eb3a03e447a29bb3c8f146f455bde0faf5d484f10e873f759531f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:16 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 300x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13246
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CMKZhcap2YEDFdGT_QcdS9wLwg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027454273
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 03 Oct 2023 07:11:16 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 66 KB
23 KB 546ms
430ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=1033&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309151607000&d_imp=1&c=3003755&ga_cid=amp-RShIgk_xtzVmnFZBkaFm3g&ga_hid=3755&dt=1696317075989&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fsishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen&bdt=720&dtd=72&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

461621c3b324b086d9ccf9defa1a3c0adfe6be6da0a0ffe40ea29151799edb16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:16 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 728x90
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23468
x-xss-protection: 0
google-lineitem-id: 6136661665
x-qqid: CJWMhcap2YEDFeCe_Qcd3TsGuw
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138370495019
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 03 Oct 2023 07:11:16 GMT

GET
H2 200 container.html
186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 157ms
38ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012309151607000/v0/analytics-vendors/ 2 KB
886 B 34ms
34ms Fetch
application/json 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 26 Sep 2023 19:31:01 GMT
age: 560415
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "299923aefdac6510"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Sep 2024 19:31:01 GMT

GET
H2 200 ga4.json Show response
www.xgcartoon.com/js/ 4 KB
2 KB 239ms
238ms Fetch
application/json 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen
AMP-Same-Origin: true
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:16 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 10:49:40 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"11d8-187c255423d"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: max-age=180
accept-ranges: bytes
expires: Tue, 03 Oct 2023 07:14:16 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 179ms
75ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=3755&cid=amp-RShIgk_xtzVmnFZBkaFm3g&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fsishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen&dr=&dt=%F0%9F%8D%B1%E6%AD%BB%E7%A5%9EBLEACH%E3%80%90%E5%8A%87%E5%A0%B4%E7%89%881%E3%80%91%E7%84%A1%E4%BA%BA%E7%9A%84%E5%9B%9E%E6%86%B6%EF%BC%88%E5%A2%83%E7%95%8C%E5%8A%87%E5%A0%B4%E7%89%88%20%E5%88%A5%E8%99%95%E7%9A%84%E8%A8%98%E6%86%B6%E3%80%81%E7%84%A1%E4%BA%BA%E7%9A%84%E8%A8%98%E6%86%B6%EF%BC%89%E3%80%90%E6%97%A5%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1696317077&sct=1&seg=1&_et=1000&gcs=
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xgcartoon.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xgcartoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5940 6 KB
3 KB 40ms
38ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:17 GMT
expires: Wed, 02 Oct 2024 07:11:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8D8E 6 KB
3 KB 40ms
33ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:17 GMT
expires: Wed, 02 Oct 2024 07:11:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9B51 6 KB
3 KB 47ms
43ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:17 GMT
expires: Wed, 02 Oct 2024 07:11:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6875 6 KB
3 KB 47ms
45ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:17 GMT
expires: Wed, 02 Oct 2024 07:11:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5940 24 KB
7 KB 237ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com
URL: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 347828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Sep 2024 06:34:09 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 5940 18 KB
8 KB 282ms
68ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com
URL: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d8200ff44127aaa31192ba26e510d40b8b2fcd94a140fda0e045c856a7c2461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7898
x-xss-protection: 0
server: cafe
etag: 16259718063149361109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5940 187 KB
59 KB 280ms
66ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com
URL: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:17 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8D8E 24 KB
6 KB 214ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com
URL: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 347828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Sep 2024 06:34:09 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 8D8E 18 KB
8 KB 466ms
280ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com
URL: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3959bc82fe3865f2b162aeaeece6732ed5cd49261548f7db0256b4d168b45605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 4490957046441766083
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D8E 187 KB
59 KB 344ms
159ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com
URL: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:17 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9B51 24 KB
6 KB 212ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com
URL: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 347828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 28 Sep 2024 06:34:09 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 9B51 18 KB
8 KB 458ms
281ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com
URL: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18da8c67db156429bae7ab487aeb729bb96857ce6f797b8f34cb33a05be3d436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7900
x-xss-protection: 0
server: cafe
etag: 6491176668104012373
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B51 187 KB
59 KB 396ms
219ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com
URL: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:17 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6875 98 KB
29 KB 195ms
194ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c4164315e5413c774f97a73429bc31af96c16d4d6629fad069b686506ce09db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29365
x-xss-protection: 0
server: cafe
etag: 781 / 19633 / 31078333 / config-hash: 11315866393028345432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6875 187 KB
59 KB 306ms
147ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com
URL: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:17 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6875 0
438 B 115ms
111ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZCZVIW4OTD4dGJ7QE_qT55k1Nhm97JSkuA2psrZosaPN7hYXKG_gSTlFi1qitdyJh_u_2pPoHjj1lWCA_O57r2StqhDXTXBI_xguLpbvIoiwIxaqmgPd6DPGaE3jAwvH0iHjrmN-huegp1tDfN6RNnmEjKN-Z55Q0CNDfYR6eAfZzhrJGuS0K6ALsZKJWX-iOWNUfdZ7ZfOUl6CXRSlPgRofp0gICKpCfv_8RX4lU5MjjxkbG1iRNfAmhin40Kb8i3E0h0XLGp7wgpKNoT652YeeHI0eYZDmsx3qvAnC_W19NyhfVYMt8Dzn7sDv6j6P2qMcu5yDHTeA-gCsApvIBWRyFQJ49Y5AWho-Knb1Bmwe58y4&sai=AMfl-YSSQTKXapp7jW8D3JEEiK4xQetIT1VImL533VnQMOMayR9BlMl2944VuCHOKLg-cZr3isHqe0kgKvK_KNI&sig=Cg0ArKJSzFaVYQNnfEgLEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com
URL: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Oct 2023 07:11:17 GMT

GET
H3 200 container.html Show response
186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FEFF 6 KB
3 KB 134ms
125ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:17 GMT
expires: Wed, 02 Oct 2024 07:11:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame FEFF 18 KB
8 KB 349ms
303ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com
URL: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dee82a159a48478b1cadd64e7fc4b3a2d486a106679f745245aee813585c2bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7886
x-xss-protection: 0
server: cafe
etag: 5626473734117378209
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FEFF 187 KB
59 KB 158ms
113ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com
URL: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FEFF 0
26 B 104ms
74ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstd5KP9-rRslDXdL3z3p4a1mwfp_ImJGdXCFeNDpvxJkmKUGk05LtWzTrZaWafleLw6Uxyn4T-CM1t9HDSk8bFo7f6GImGV-VLA1gRKtHbNU2mZb-ro-YNeVPrjkzvPBywG3ekr0PFgnqm-LIxjLhYE1GdnxTmrTeeh7fXFIu5hQmsbHLA_LQPAix8gHTcIrbGdqnHyfiw9JqhnqOCEQK6aBNTtLWOCqNQ3d4k7TDD7mGzCdMrdkIaSGJVSaCikR9ZhY75TvIN5ir1_FMQVQ8Hjz8HZR09oJfb_9LZNTNPKKPAVBz8j0VvPCG993-rR7A_h8U5RTr6D2iTe9czLzypO8hsYY5GUTZDHSehUIjoI&sai=AMfl-YRlLtw_h8W8P7-cEAH5CcJRnxyN4wTDQkPcP7iiqeKMQ_wAYus8qDjzmKkTa8Lc9Z32fPcgWb7gLllsLI0&sig=Cg0ArKJSzHW7nVV1bZQjEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com
URL: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5940 0
26 B 125ms
118ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMV_LPfKnOYpNJMN85AAEyv1xeotTPlCqEapdzI2BLdW5zNtO3uo95-MBjbSbgKaRs_R4_5fXhXPJD41QeZXaoFUz0odPcBNcJunGc1jqh5OhQif1VitfzTJmQu6FCDehrogn-THtso-_KrBXgp1FGqwpwHf6LygTsRqmrMuDgZ4tpV3T6yldZqEeLLoS-f7TNSSnKIs-sYHuXdVGgo28SlecJ_vM1YwmhexT6uabkU-BcKMNtZ0j27RdpLFdOqDQMUK8VaXaHOsGEDX6zHrfnW3UEIOpz5npWnqlnkSej2OoM654qPwnVGhILBddO65z8hXw4fQFyTyloFmG3XGQEI8rtTUIhnvlm9ptqW7UF&sai=AMfl-YQbGoLW2er5Uf0QJK-w4cTWodUeDS20MAtcpvKtJVLsLs92svhudy-rWYgzXNvOXsTW6QQXpV-65mzu7yc&sig=Cg0ArKJSzFZtisN7vkUSEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com
URL: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B51 0
26 B 80ms
79ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQYc4YfKL2nDbxY-qtUgBQqthsFDqtX70Z1oyzWwc8AfkoO8bASFVY95WoSkvz1HWQt48t97YeyE3nRMtQMMU61TfRrJq9aBm4gjSxlzCYxCa3BipIFTSrL4r2AarkaZH8rj9z23Nc1GcGpZzG99hcH7EwQjSSSGQu-5tzTWdCu0oCWGfd2Dj8h3KAdIDhO9swM9suUcBAO20bdCmawy01KzKYHqlqJM2XRZCaKEYMa9xueAPSNrb6yhcoyv31rBAXosxL0KXMVPdiwPWhBAc-X-69O32eBQoo4vVI8MvtvUVVBF9hAoGkD8k_UjhAszrojhzSLjdHwrOJAFODidBI0h4kZ3JgZsW-JKZQBrc&sai=AMfl-YSy4yxVMEvw4Kzonie67wRFNyhD9O6wjb9Q5u8ZYgo4XOM_obhLu_hMHpdSVEtVLT83erUWYduQU-gJh9Q&sig=Cg0ArKJSzOp7ld4HN-WWEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com
URL: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/ Frame 6875 413 KB
130 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078333

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:07:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68603
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133452
x-xss-protection: 0
server: cafe
etag: 5291400228273913750
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 01 Oct 2024 12:07:54 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5940 142 KB
49 KB 112ms
110ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c014ceee215843eda25f71550ce11ee82308e82aa70ea957ec7c4b64d81f8c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50440
x-xss-protection: 0
server: cafe
etag: 18119258855421899178
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D8E 0
26 B 74ms
74ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsser8_pL-YWeNhgp38JeAeyheONhzs1H1gIw1YysD2L9YMhptzix4eRGDRI22sE3MG713Pi-fJrT2_Ah7Xe6-EfWgUNn8737OCsAvDpZmBSIqZZiI0HNns-P6G6YIvZshW1qeYvC7lhFEZOoLiSD2yEQRz-mRGsAp_oydFea0mF5B7rZu5RGPLILrjzqVEs0XFp1CsxOn6t72EF3EM2KYLmcTO-jot7Mpj1w8yRDHixGnpa8J6ptBFXisJq8FVtIXrT8Lba88LOTXe9d0xKLk1tfW1bhXQl_ocyEkRlgJnbCUYq1Vy-W4TRnU4Zl_pRRxAVOEfJGcAac1fL8K-lqGaQTloOjWs-8GHSn0hsBB4&sai=AMfl-YR-F_K2re_c9eQfRE23nedwp3iX-vdKgtbOp_IOFesbMi-EHfhdAgLIa7vSWrgwx-yoSaLaZwGsKWG9em0&sig=Cg0ArKJSzJwPgKy37hHQEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com
URL: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8D8E 142 KB
49 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63094d9ea33b162369614d537c8add4796bf23adf5d24cf5b8a602237e16f568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50440
x-xss-protection: 0
server: cafe
etag: 6776632817186617699
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:18 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9B51 142 KB
49 KB 121ms
121ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4397740b31135a1b35a5223751e2fbd5bcb653b95e05a29a569ef4fae249aa7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50440
x-xss-protection: 0
server: cafe
etag: 1956326302104177452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:18 GMT

GET
DATA 200
OK truncated
/ Frame 5940 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc08d0bea55ff25879cb217bf5ce65e8e3f18b2276654ddc68574f291929cbff

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6875 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c15fe3f79599361a950b6f3f4a61b3540761a33b9bcbcf9b422c38487e677886

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FEFF 142 KB
49 KB 170ms
162ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c67f981af134d9395cf0335f1fe6d9f81892aff25ad011fbdff8d553a5ae5b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50444
x-xss-protection: 0
server: cafe
etag: 13571073802825464864
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:18 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6875 31 KB
14 KB 334ms
333ms Fetch
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3079225621326333&correlator=3118796325588371&eid=31077099%2C31078450%2C31078333&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fifs&tfcd=0&iu_parts=71161633%2CXGTON_xgcartoon%2Camp_desk_anime_hrec_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C468x60%7C728x90&fluid=height&ifi=1&sfv=1-0-40&eri=4&sc=1&cdm=186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com&abxe=1&dt=1696317078181&adxs=0&adys=0&biw=728&bih=180&isw=728&scr_x=0&scr_y=0&ucis=xsex915g4uxm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fsishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen&loc=https%3A%2F%2F186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&top=www.xgcartoon.com&vis=1&psz=0x0&msz=728x0&fws=256&ohw=0&ea=0&dlt=1696317077165&idt=956&prev_scp=in2w_key9001%3D1%26in2w_key%3D1%26in2w_key2%3Dnope%2Cbenchmark%26in2w_key3%3Dnop%26in2w_key4%3Dnop%26in2w_key5%3Dbenchmark%26in2w_key6%3D--3---%26in2w_key7%3D1580%26in2w_key8%3D1%26in2w_key9%3Dbenchmark_request%26in2w_key12%3Dbenchmark%26in2w_key15%3Db0%26in2w_key16%3D1&adks=575790411&frm=24

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be05d931ecf3d0b6d2cf97cd76e991e71c9a015ab776ab7af4f46d559ae0607e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13970
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 961A 6 KB
3 KB 86ms
38ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078333

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:18 GMT
expires: Wed, 02 Oct 2024 07:11:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/ Frame 5940 378 KB
128 KB 182ms
175ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9e5dcb9750ef85fa11ac94c20ce74e91cd222ce01cc0e953de8fe0e19214c85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131249
x-xss-protection: 0
server: cafe
etag: 17508087958895266325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/ Frame 01BB 10 KB
5 KB 106ms
31ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 964
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 06:55:14 GMT
etag: 2603938475786422795
expires: Tue, 17 Oct 2023 06:55:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/ Frame 8D8E 378 KB
128 KB 181ms
148ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2f39ebaedd4712d46c42a9bf8e8bab2662d6fd4a4e1dd0f5c0adddb8c25fdda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131244
x-xss-protection: 0
server: cafe
etag: 16459987886211598210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:18 GMT

GET
DATA 200
OK truncated
/ Frame FEFF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca66f41ff8275222ed36c77b50da625de57340bebc63879b3dbd4f01a86a98b4

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/ Frame 9B51 378 KB
128 KB 245ms
242ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9e5dcb9750ef85fa11ac94c20ce74e91cd222ce01cc0e953de8fe0e19214c85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131249
x-xss-protection: 0
server: cafe
etag: 17508087958895266325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:18 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/ Frame FEFF 378 KB
128 KB 209ms
206ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e109816b02abcd094210371b33e737bdccaef99e9e01ad00b934f5de0fad5db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131251
x-xss-protection: 0
server: cafe
etag: 12152024243679622158
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:18 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6875 0
0 138ms
67ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUbHptf0RihFZQAN_PXlI468iXImYoShwHcUPrlAMovt8_4XHR-b9CcGDlbEJzSiswC4_voo842ag96qQ4Oj35J-25QMhDi62UDnDCIvOEl8-kvuU59t6seK2PS9aRjrM0pGpCbro_UZKVuG_2jiAVcJwIbHjyDdJ4l5HRxImelolFWIh2aI0FnYbVnzDwGY10iIwmytQX7KWQL5rL1ycVprHpHQOyNzhvTr_sMiHK4ioAxU-cSoNGXf0-om26kHf9f-5s-H700Xjfww79LH01avp9DZrYZGJu5-D_-UX2TXZTu_746RxgR6_oXN8C9VMwqDwKDNyVGQoXmNaAk0U7aV17dd_20O7XgGnuLVhtK4Kfkj2J_A&sai=AMfl-YT1I7tM-hmV2n_5GDvXW3Ei01q6-xgBnIWz16Ao0VUHSopFZUDEL-Nb6y_xS_ieRvLRE-Ur1wma1Y1XYY4&sig=Cg0ArKJSzBf2hdvkG_HsEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Oct 2023 07:11:18 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6875 16 KB
12 KB 174ms
92ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309280101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078333

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f3f635d430d10f544dad43158b77bf0cdf578b38f3f2452ad4742dc14cdf23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12083
x-xss-protection: 0

GET
H3 200 container.html Show response
31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1DB3 6 KB
3 KB 48ms
37ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078333

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:18 GMT
expires: Wed, 02 Oct 2024 07:11:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5694 30 KB
13 KB 435ms
432ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317077743&bpp=597&bdt=623&idt=1122&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2506091661&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31078363%2C44785295%2C31078301%2C21065725%2C31078422&oid=2&pvsid=3429906786545753&tmod=2038617597&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.egtkr3lyjgvg&fsb=1&dtd=1177

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3716132f8a7913dccedf532c1ab001429403378cb0e00329d1eb675e94c7bae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13628
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6875 17 KB
7 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078333

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 Oct 2023 07:11:19 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8756 108 KB
45 KB 407ms
406ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317077988&bpp=552&bdt=832&idt=1096&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3184721645&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31077327%2C31078200%2C31078363%2C31078301&oid=2&pvsid=4176355876507025&tmod=580213982&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vqemlxg1lv80&fsb=1&dtd=1180

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6da6eaa08cc5b3c12f2c3ff424f1d81610d90bf31d4e4f75ea1d7ddb776f276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46041
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5E89 624 B
242 B 72ms
69ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY_-am9QEwAQ&v=APEucNXnG5geCqLb0dDauGjQc84RtzNnN_n4pKghBKsyY8ZCgNIo7eHH9PcAuJUv8wwXS9H8ir7Zw2UbMUScYiUse7_5syJyxX5SbX_I3_HY7SW3mNMs1s1-aWVP9hpdpFBy05SLJ_8mIB4El6odtvWFi91oHQhXgvKdKbC9bFl4yoJFMHeaWAk

Requested by

Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1DB3 89 KB
31 KB 206ms
203ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DB3 42 B
63 B 95ms
82ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BukAv43TfdNudt_hv0i872GsLnpSp0pfco84S--3KBZIzI1fU-sDUzrWQJu8PwHaEi8aoGtDxDnz_8HX453mK-3MErHFB7L2iRZhwhCMloYYVyE6I

Requested by

Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DB3 0
20 B 100ms
84ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9070606129094731229&x=1&ct=77

Requested by

Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 1DB3 2 KB
1 KB 231ms
42ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=29615901&cmp=216242&plc=7609401&sid=18330&dvregion=0&unit=728x90
Requested by: Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 07:11:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 09:51:44 GMT
Server: UploadServer
ETag: "56f95dec40f6402642b5537aa29ad91c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Wed, 04 Oct 2023 07:11:19 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 1DB3 3 KB
1 KB 56ms
33ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 1DB3 20 KB
8 KB 57ms
31ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1DB3 0
0 215ms
31ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTpHJrNStUljwGIOZkv6oSdk4dW97poxFfDszQLPmWaZfnTEF3DqwqAMUjUdgJ-7vtESiw2-8p7BshNd4bEcg5XP92Jg
Requested by: Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DB3 187 KB
59 KB 82ms
49ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:19 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1331 24 KB
11 KB 348ms
347ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078053&bpp=544&bdt=893&idt=1273&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3184721645&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C31078200%2C31078363%2C44798934%2C31078421&oid=2&pvsid=1194333735167736&tmod=2027453976&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rfqukalz123n&fsb=1&dtd=1296

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

994d69ad3635f9ab951fac4378f29d66f8a715681ce41b2bbf49ebb132bba012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 11208
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DA10 26 KB
12 KB 432ms
423ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e718308fbcce37e60c21c5418573c39b7810d5e5d375540667ce512c22ef984f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 5E89
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDDYLF_Q_kRRp9cYVAZyF8&google_cver=1

43 B
340 B

65ms
55ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDDYLF_Q_kRRp9cYVAZyF8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY_-am9QEwAQ&v=APEucNXnG5geCqLb0dDauGjQc84RtzNnN_n4pKghBKsyY8ZCgNIo7eHH9PcAuJUv8wwXS9H8ir7Zw2UbMUScYiUse7_5syJyxX5SbX_I3_HY7SW3mNMs1s1-aWVP9hpdpFBy05SLJ_8mIB4El6odtvWFi91oHQhXgvKdKbC9bFl4yoJFMHeaWAk
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arHI%2FS7rLfcvW9Z3hEq7WgQYUvK1Eq1PXApJkElbvGk7Vyh30pwXTN0LVx0asWaHY5Ib2HTsmVMQcXEGHksseGHqHt%2BgX%2BnZwIhTuzH4j97tmQcllT8Z1T2Esxl32%2FrMyT4kXD3Xrv6%2BYw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81035ed5ee340208-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDDYLF_Q_kRRp9cYVAZyF8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5E89
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRu.l5qNbAN-sLWhnTV38QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDDYLF_Q_kRRp9cYVAZyF8&google_cver=1&google_hm=2

43 B
766 B

126ms
91ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDDYLF_Q_kRRp9cYVAZyF8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY_-am9QEwAQ&v=APEucNXnG5geCqLb0dDauGjQc84RtzNnN_n4pKghBKsyY8ZCgNIo7eHH9PcAuJUv8wwXS9H8ir7Zw2UbMUScYiUse7_5syJyxX5SbX_I3_HY7SW3mNMs1s1-aWVP9hpdpFBy05SLJ_8mIB4El6odtvWFi91oHQhXgvKdKbC9bFl4yoJFMHeaWAk
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lv8Cbf23THvZGVgDQNpiOJCf39FEmz5Sd6c2tAzIaF1i0G4%2BizoNA3YzCWNZx5txoPijBEpxYiDAReX8ezrerW5Hhza%2BgfCeYz71CG0903EMlQzuBd5pZNMZfrDRphxvaZMmNOaWUSSEpA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81035edaca832397-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDDYLF_Q_kRRp9cYVAZyF8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 5E89
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKrj9T7Ec6oT9kuraE3T38I&google_cver=1

43 B
838 B

52ms
42ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKrj9T7Ec6oT9kuraE3T38I&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY_-am9QEwAQ&v=APEucNXnG5geCqLb0dDauGjQc84RtzNnN_n4pKghBKsyY8ZCgNIo7eHH9PcAuJUv8wwXS9H8ir7Zw2UbMUScYiUse7_5syJyxX5SbX_I3_HY7SW3mNMs1s1-aWVP9hpdpFBy05SLJ_8mIB4El6odtvWFi91oHQhXgvKdKbC9bFl4yoJFMHeaWAk

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:19 GMT
an-x-request-uuid: 7f673f6e-eef0-4e5e-9257-9e27b07eab1d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 176.10.106.22; 176.10.106.22; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKrj9T7Ec6oT9kuraE3T38I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5E89
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ2MDk0MDg3MDU1NjYwNzQxMg%3D%3D

170 B
188 B

149ms
103ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ2MDk0MDg3MDU1NjYwNzQxMg%3D%3D

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:19 GMT
an-x-request-uuid: 379e8b34-b4af-49e8-9b3e-4e98cbb9e094
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ2MDk0MDg3MDU1NjYwNzQxMg%3D%3D
x-proxy-origin: 176.10.106.22; 176.10.106.22; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2D69 13 KB
5 KB 87ms
53ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 66173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:48:26 GMT
expires: Tue, 01 Oct 2024 12:48:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 94B8 829 B
1 KB 74ms
40ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c7bd05b37de5316dc987d84ab162ad2defb0105dd4129ad6f962057998434f5d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uW7lAHjOPtI4HdDHYa2MdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-uW7lAHjOPtI4HdDHYa2MdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:19 GMT
expires: Tue, 03 Oct 2023 07:11:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5694 42 B
63 B 103ms
75ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AXbfdlAdC14fVeLtofach3mj4tYhLI5QGn80YyzjU7iUgFUlpI-lfCMlRGOpRttKOWR4GZLJW1FY8NHVtiFIZRW3BZpv1nAUz90fkYgJ7ev4tDWWQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317077743&bpp=597&bdt=623&idt=1122&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2506091661&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31078363%2C44785295%2C31078301%2C21065725%2C31078422&oid=2&pvsid=3429906786545753&tmod=2038617597&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.egtkr3lyjgvg&fsb=1&dtd=1177

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5694 0
20 B 104ms
76ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4096156551671006698&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5694 89 KB
31 KB 292ms
272ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:19 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 5694 2 KB
1 KB 53ms
33ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=189093&plc=6688687&sid=18330&dvregion=0&unit=728x90&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0jZaNOYbwwmElwsowx5fhxF&c1=3060631&auorder=1012740201&aulitem=20200241964&aucrtv=495871122&auxch=1&pltfrm=1&ausite=1950747532517&turl=https://www.xgcartoon.com/&aubndl=&audeal=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317077743&bpp=597&bdt=623&idt=1122&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2506091661&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31078363%2C44785295%2C31078301%2C21065725%2C31078422&oid=2&pvsid=3429906786545753&tmod=2038617597&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.egtkr3lyjgvg&fsb=1&dtd=1177
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 07:11:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 09:51:44 GMT
Server: UploadServer
ETag: "56f95dec40f6402642b5537aa29ad91c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Wed, 04 Oct 2023 07:11:19 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 5694 9 KB
4 KB 154ms
64ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&autt=1&ppid=103&aufilter1=3060631&auevent=ABAjH0jZaNOYbwwmElwsowx5fhxF&c1=3060631&auorder=1012740201&aulitem=20200241964&aucrtv=495871122&auxch=1&pltfrm=1&ausite=1950747532517&turl=https://www.xgcartoon.com/&aubndl=&audeal=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317077743&bpp=597&bdt=623&idt=1122&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2506091661&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31078363%2C44785295%2C31078301%2C21065725%2C31078422&oid=2&pvsid=3429906786545753&tmod=2038617597&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.egtkr3lyjgvg&fsb=1&dtd=1177
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 0900b25347fe8ed7071bceff0d3e3097c06fa5d2d6d8dfd97ec767080a44df63

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 07:11:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 16:23:43 GMT
Server: UploadServer
ETag: "d20aee7a63eeb063341f59e007b47fdb"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3640
Expires: Tue, 03 Oct 2023 07:26:19 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 5694 3 KB
1 KB 62ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 5694 20 KB
8 KB 53ms
49ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5694 187 KB
59 KB 68ms
55ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:19 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F894 640 B
262 B 138ms
119ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYksm57AEwAQ&v=APEucNUkOWr0_nB07--uHtOmeuKKHiqMHjfcLvyl5DorfQQEyRo9uClM-xeIhrZ7CFSsUuhgE9yB9ictbNInXbDcSH4HbdDg2suPqQzARSQNcIhUdZpiPobR5BAlVT9UuFwEEWwEY6RPuvyn05Gr2ZSuIH1ZEmXQCuK_BXZ3d2acLtIpR02Wkzo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317077743&bpp=597&bdt=623&idt=1122&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2506091661&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31078363%2C44785295%2C31078301%2C21065725%2C31078422&oid=2&pvsid=3429906786545753&tmod=2038617597&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.egtkr3lyjgvg&fsb=1&dtd=1177
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8756 42 B
63 B 139ms
119ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BFUO4M1fqQdOtaKGYMqE9hMdpEBuHXB40Tt5oKKr5OfvVZnA1neNEEpoJkc0YROk8Jezc7O6RanpkXVN7R_UIbnoSdRz9CMUJWLNoh2ZmRLs_Cyb4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317077988&bpp=552&bdt=832&idt=1096&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3184721645&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31077327%2C31078200%2C31078363%2C31078301&oid=2&pvsid=4176355876507025&tmod=580213982&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vqemlxg1lv80&fsb=1&dtd=1180

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 8756 3 KB
1 KB 62ms
43ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 8756 20 KB
8 KB 41ms
30ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8756 187 KB
59 KB 69ms
57ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:19 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DB3 0
20 B 138ms
136ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2073194376497&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DB3 0
20 B 137ms
123ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2073194376497&version=m202309260101&ct=77&x=1&cor=9070606129094731000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1DB3 16 KB
12 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzTHx7lR7JF5yp99pqQzu0vPyopjxrPEWRjeeFnjFq3BVUx9a-gCqPggNV3NMvXeL4OKL2WDMy1Yav7oBTSNUaGvj1ixpdRGjLe0GOxTQvQNaDWhwg52PEZn1altLs59SCaM6wQeA55pgT_hT2ZJdpGEqD5EwOjtqt8qvYZ8oZfMXKw3A&cry=1&dbm_d=AKAmf-C6ZgY4C2oWJMN2K8eAy9Ub0v7bp9x4abZjbdgD6ZrgyGDd7ikAF0U44Om1_T0L8ium98q02Fwcf9Lqq8h2V1lK2YK4mVkdcgmmRa3vVLj8CR-7VR4cvXJYrzu3Vyck-ep7ev7e6cFKXEqDNKAnv9Sks7BBq-lLwK1LxuL38oKO03W4TFnDaHfghWt-G6vLv66UBoQtNUhjnL2zxG_G5bGNisKNPXtC5_OCAMqdi7PTh99eFhaXUr9msbIrq4G2PsKlMlW2nuGaHzb1VOHNLnuBJOGJRlaC_QIa_yrlDjyHjRSvYf1sZ4uT94thO_q75bVVFffGoRA9pOk1cO_xuSjccEeqXI-8Sl7YA2NDXAOmVhgaYLYY2mZFNegiLjTsIjlj3Q3KkXyjSBgVPjEQonKlCPmSPDJiS6oZUwUUt92flg5yJ3UdxOK2sL_6-o29DS5gs_D_1svTC1cmtNWaF0ufzQLHOdDwwJgvrx4hg5IQoVDSY8VtxCsUet_5eSmSPvDOUBxn-UVVJonS2_u6IHpKJ1YZnbNhNX3dis_KMpGMDNkcRW4utKfQ2JtpjJnmHZv3GMuNN0KL7khsHEnhIivTQutJ_aZMcOkehRE87jMY_cNG5W2O5fwIsOMzXclLs8C4QJSi1SdKEC1Ao4TrxN6skpF9VR5MV5KW39Z2qlMC2vQKc5BJb1D9F0DLdcZC3P-Uo0x0CNvFoJdeVP2Ra8p83tIh3XKWeWP37B1t0QaBKK-PlFDSKSzYpsQ1-P7aQfkLCYpY_bBEC00voM66sii2y8nKZJrTA-ldbRaGzATxgwNpNca6765M9abr98ZGNnBVkI-i01TssOCax3IwmbNOCgElxcJxUmOy8-pPRcZk7XHU4xbpGlV-HeZuInZBO4EKU-M2dwtZxMTlL2urmRPM95aPbPBNSUbm3e2jxjUxXxzyArMzBYYPk7eAuudwNBbSdbJ8mtdGA37iBRGtno4MDTLIhFBOUdgpnMOGlqRhAeNqkeYRDsr9x59_keriSz2FyFfTSV2LG2U-jZPcXctwVU_Zw6S0SVW8BkJ5Y27Toru07Sd0gEThLJyKxaEvuKH5sGZCdW5E0MFl4ELIojglXPQ3ggPJjkU3Sgiz-juACS2GWp_nhZ09N84apcSRnHW3Xdf1P84TaY76I5c4iB7OsH6iKmPuz0lonX4iDGAc17OGR-h0JvHBLY1pQWGBGNIxaNawPUy74s2m392NyZ39dNDngmKdVy8YozfYGPrVYjR_azb8xqyKnMb6Zz_TiZ-2GHU-F52ojkwZgSO3NLxS49G51wHkTvGgFmROp6HVmmfzoteAY500-vlZOfI2THN1I6i_jaZquM4-fMxw1SI5QHqfN3EIZ_3Aq-VVjluUd9lqMQLoUCeZ_Z4PqQ69DllS0eh8TY2ZibPTwsXB9aFq47L5ow5KTAtT1JortaRNpiNppZ7MtWogpDQNhzlthbNlBdOFGxkbYSsVvWedvJZvPiCr3x3-hU03lpp_N4b81bdS9KB8bzzn6Boj54_7IOlRVnsED4NiKC-OHNNJb0Fln_gT4UOxC-iQc1btplCROwgFAp8M4fhb-tC9XCjs6UKs8D3ypKpJjshntdJOQWAQH-Tp_TvZ-2_7KeNPYaKOpeyWVSG5Lvjm68cV9KKijZPJoPl5HypEDhSKKVVNtNf6qC4Fh1biTOCyLWphjuFHSoVAn8byrb_oGdN4iMRtdC3J4DOrf7ZAjDou4mziVqxACmlwjLoHEiKftt2ksJXb5TQU8u2EfLDg1aN2G3iub1EWCB85LrdxMe6LIxcRzwbT_bxku2Lz5A9LvLIe1i0AWtqAzg3DYsNAOdMLnPRPIpa7hkMLgk-0iUAGBQOjAOdqSRqnjdYLc2a3qXNma7QmqV22INoXoAFxKyzHZuqGxULfWf8fUm00pi5To7ANfwq7YGUDPxC0x3ZLBWnZ68LwUjNh-42Q7OjsYv8KLabmq3xwjRQFtLi1OLdxH0nVu-4X5uQ1VNdMk1yTwZ-dM4_vruglt6ltdta5AcWjnLQ616s8PPRAdldZhWKMP66KpWOMlnVDGqCCx2-tZ3eLWApvamo0qTd4FJajdtO6I0Y1K8sBp_absuJMkJkm448fdzp5Ep2UOid1uiD4bhstn1-tri7E6i4nmCI84BWfC31OGc_I9LTxTw7Xfs6rm3O4nAZJuW3YYzYWdtBNb8eBn-3tc3BvIMxHLYCe3lZ-sKvepAelYVnBlAlgBI9tvWWFs2I033cHNYHoBOGFSKCIT2NhWbaqJl9SGhdLDDxyGyfsMWkqgqizHOkwQzlLd8IWhoc0CSVzMw5Iif4iiCuzAPNoCwHaDT8w7Ij0Xb-2NdXW395qpT01t-eqTtkouQFpG2ZUu6vl8ivRh4TUw3voVX1Y9-6N4OJ1hG1bvtYMrAqkwmYYHQG3h5kxoNsBa1fEDRb2usnR_-BPDZvhVdlx8dQIPOGYqFttj-IY7YJ_7ReLvZ2BUjdV9r3UEo2MLF6N9R4PNcHQWhDzRMGCj757kSDo2lrWudgZtSqmb-Kfc5TqnG2jizuFVmbxN8mzyG1SzgxLtqMU3YApxlvCMV_nIUzAgvqotFVMZxw7QKJhOBXlenDvVAD4sqxr2dnQefiO9N5c1h47ZnoH6PZZuZurxsK3s0xrwRUOiqAtZhDmXeJVHswKK6iGUA-X-V9nzhjkOQYfdztwTtL2jYCL6BM5uFxLPcTkJBI25leExDh_yhi2-Gwtbd0zSxPEKgj8_YRV7YPYXCKfDqlbCbiggaLCTjO5y4vNc4klpO8hdjPSGa4XQC6_wir9vn0RvrUz2wKcldk9JTLj4SFP5EKJKWm7PnXVDOf80C5Bf2l6xoLU3auenuJaSeNNEKRfhXFiMRuLVGyPxfrSd3oiOczilaApGkExDf1neg0uoA0zNC1ZPp6LwuvqjwKEpp4RDCaq9Qd41gjj-ld7MMKNOhT7Td3rqr1_jff5JNrzUwHBJiyp17qOWFSb0LHwbjxCU8dxUyymYZkTTjzv0af0q9-cSCKw0SVla_wJVNQ5BUKlZAEhI7eF_NjhpsuIHYGQ6nC9uvQxoEotbWgX-rR81qLAwJALr7PcvVPGQh0srDmVmTHPNOjChbpHvUUN_VcdzngcY5TcswLVI2jRnINTcCtq843lo5l5vDqP9BFzO9oDsiA6mtJTqCO3WrYhoatrjxum4thUwOt21VNVGjW6OAFLPD-C1Tc7-6yYBbkck8MfZBGo3pTW-wsgFI9EmX57AtVPMOxQ2TXITRvaT8GnXFy0hTIbxzJkKwCjKGyNpkX51Qy6B5JHi6dfyyFE2DVTQcq5qUaB9Skmo47Q0kRmu8EpBHIFgQCSQH6XrgPBt7NgD1462CuctlL2yT_DzsvP624KLbXth6ymIUniLPNn7gndJ1bjShgIlm1vBVEhADg1CpLdCrL6zk_b0UWdax4G9VAnJtYjQx8TsV-B7YxyjvKd3T92zHruYSbTbL_ApABtEAIhoR0AyNyELItIUMhJDrjd29QFpU5YVyLSCY3bGGzDIc_OX61Bc7ssrhwhy9OwMjZJ9YXFd2h22EXO47NOtllddr-aArrLxCTvVqfxUAp1Umie2t4bJVEq2mUKb89ERc-6gRuFllqJvjJMhsSCX1hKQj1vqrmkND_8xme4tPkRlo57ANCNwzANovrGuB6a1lG8Y5MZDtnaJDjRr-wDgo9XgkF4REc0qD3ec1pV2_yqffs-plGbRAhSQ4xzplKLHonzQ-m3e30I7PcEnIlvEaTTq3YLNs87McpcdtynFhuLl6UFHqzkyXBxs8nrVF4p6kuJ_es_CUNJBQKrZcOz1ssgXJA0I3LuQM-taROLnBgeECA1Q-JVlIA1UTdnLJAUBAXSt9xZ8ZNYTSQ4eWaGzRxwnNVAUXSam6e-RPI7MoSdC14k6VoGEkKm6kkT305XvmBDSdnWwyXO6kab&cid=CAQSKQDICaaNlvEKW4W6IgYulSRsT-8_v3MyT3nCym1l1lHcxi-Q9ZCZ9vCaGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=9070606129094731000&adk=676413724&idt=230&cac=0&dtd=204

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c90cccc691c38fa66173ee2af646798a8d4a4abf07881a034bb4ef995f55e97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8BC9 466 B
235 B 127ms
113ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaxpgEQ5uqlogQY3seC-AEwAQ&v=APEucNU4Uqfgp6TnIuNZnFNQCoGwsRhBf_sXBlLZSG31MuoAvDUPUnqbz6T5pCwJsxCcrozqz8vPpA7e8vmEV8iBi3dVYP7flrqlhdM1s9V26tl-KgxaJj6cXMBLutTU0d-yPTteyl4RM3IzPqvU_ji43p-NL7OjxMnU5xEBHCbDwqGkcj7zL7o

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317077988&bpp=552&bdt=832&idt=1096&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3184721645&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31077327%2C31078200%2C31078363%2C31078301&oid=2&pvsid=4176355876507025&tmod=580213982&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vqemlxg1lv80&fsb=1&dtd=1180
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1331 42 B
63 B 105ms
93ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dk8vFm3RlkpIlB4tv23xSwDGnjcSjfvBi8hFv6bw0CMBs-t6xzfKqXA4P0qzoSv49_PBkpg_5Apw73wigz0bzn8Kv60r07aIMr_czJo9YtdrmkslQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078053&bpp=544&bdt=893&idt=1273&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3184721645&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C31078200%2C31078363%2C44798934%2C31078421&oid=2&pvsid=1194333735167736&tmod=2027453976&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rfqukalz123n&fsb=1&dtd=1296

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1331 0
20 B 104ms
92ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9386516278330324428&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1331 89 KB
31 KB 266ms
209ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:20 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 1331 3 KB
1 KB 90ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 1331 20 KB
8 KB 93ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1331 0
0 97ms
44ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaScEqcx_sZsT5uoFqLfv9idKddqXjoE2mw1npfTeiNlOzEiVauVHJ4Ir2D3-ABB4LyaCXFpMyQlAy8uYtJmlpx5C5zrpA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078053&bpp=544&bdt=893&idt=1273&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3184721645&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C31078200%2C31078363%2C44798934%2C31078421&oid=2&pvsid=1194333735167736&tmod=2027453976&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rfqukalz123n&fsb=1&dtd=1296
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1331 187 KB
59 KB 103ms
46ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:20 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F894
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIpcFcQ_8vJCQ6OnUm_8kmg&google_cver=1

43 B
171 B

252ms
135ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIpcFcQ_8vJCQ6OnUm_8kmg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYksm57AEwAQ&v=APEucNUkOWr0_nB07--uHtOmeuKKHiqMHjfcLvyl5DorfQQEyRo9uClM-xeIhrZ7CFSsUuhgE9yB9ictbNInXbDcSH4HbdDg2suPqQzARSQNcIhUdZpiPobR5BAlVT9UuFwEEWwEY6RPuvyn05Gr2ZSuIH1ZEmXQCuK_BXZ3d2acLtIpR02Wkzo
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIpcFcQ_8vJCQ6OnUm_8kmg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F894
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWEwZTlhZjctOTYyYi0yMzAxLWU3YmUtYTAxODlmMjM0NTBj

170 B
188 B

121ms
85ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWEwZTlhZjctOTYyYi0yMzAxLWU3YmUtYTAxODlmMjM0NTBj

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYksm57AEwAQ&v=APEucNUkOWr0_nB07--uHtOmeuKKHiqMHjfcLvyl5DorfQQEyRo9uClM-xeIhrZ7CFSsUuhgE9yB9ictbNInXbDcSH4HbdDg2suPqQzARSQNcIhUdZpiPobR5BAlVT9UuFwEEWwEY6RPuvyn05Gr2ZSuIH1ZEmXQCuK_BXZ3d2acLtIpR02Wkzo

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 03 Oct 2023 07:11:20 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWEwZTlhZjctOTYyYi0yMzAxLWU3YmUtYTAxODlmMjM0NTBj
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

um
sync.teads.tv/ Frame F894
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEEZ8dkhzsz-WL1ABUPujWgk&google_cver=1

23 B
278 B

339ms
207ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEEZ8dkhzsz-WL1ABUPujWgk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYksm57AEwAQ&v=APEucNUkOWr0_nB07--uHtOmeuKKHiqMHjfcLvyl5DorfQQEyRo9uClM-xeIhrZ7CFSsUuhgE9yB9ictbNInXbDcSH4HbdDg2suPqQzARSQNcIhUdZpiPobR5BAlVT9UuFwEEWwEY6RPuvyn05Gr2ZSuIH1ZEmXQCuK_BXZ3d2acLtIpR02Wkzo
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 03 Oct 2023 07:11:20 GMT
pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEEZ8dkhzsz-WL1ABUPujWgk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F894
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjA4MTQxNDAtNTE0ZS00NTU1LWI0ODQtM2Y4MzFkZjcwY2Q5

170 B
188 B

122ms
86ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjA4MTQxNDAtNTE0ZS00NTU1LWI0ODQtM2Y4MzFkZjcwY2Q5

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
server: akka-http/10.2.10
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjA4MTQxNDAtNTE0ZS00NTU1LWI0ODQtM2Y4MzFkZjcwY2Q5
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Tue, 03 Oct 2023 07:11:20 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8756 172 KB
61 KB 169ms
52ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67329
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 12:29:11 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/ Frame 8756 7 KB
3 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31484
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 22:26:36 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230928/r20110914/ Frame 8756 23 KB
9 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230928/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac4a2fcf56f3a5815338b809cd7e8b9a80b676bc6ad801f4c9666b3e9c7bdfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 21:28:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9131
x-xss-protection: 0
server: cafe
etag: 6297790743806441599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 21:28:22 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8756 41 KB
13 KB 74ms
72ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 346376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 06:58:24 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8EBD 398 B
222 B 239ms
188ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgvTNxQEwAQ&v=APEucNXAnGQJv3RtHl3mmAvS64Hn_KwTFDNQgGhO781qy9Y_2i6oqvKaP7GilI9WrLRXeYGbbQgRrwxC1Jmwl9_DxSdbYsNNJl6-xMpm8mfltTd3ykiyK1RHtZ2jr5qZzURnnn2AraYtJNuRbCu79AAOi1YoumHpL2gjM62ck4_-ccu5WgW3QKY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078053&bpp=544&bdt=893&idt=1273&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3184721645&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C31078200%2C31078363%2C44798934%2C31078421&oid=2&pvsid=1194333735167736&tmod=2027453976&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rfqukalz123n&fsb=1&dtd=1296
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 202
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA10 42 B
63 B 187ms
178ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANLIkMcHUvNfGCst3mWzW5z1VCrxCoQau3hRJ_MWiraXq3okeY8fj9RDym60hEUyZ2Rw-BzdaLZxUqyDV9uJy7jaC1e-m_A-ACyn9TH8fQK9TPT-k

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA10 0
20 B 188ms
178ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12913962032983512812&x=1&ct=77

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DA10 89 KB
31 KB 337ms
194ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:20 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame DA10 3 KB
1 KB 200ms
83ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame DA10 20 KB
8 KB 220ms
83ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:33:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DA10 0
0 221ms
110ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrkoB9qDTZU8qAA0TC4_CUV8ZFQjrAXAZjEDkiOEQcEFu5UcZpKG3OzgYylslz372KdyvtT1dw6bSwZKT95lW51fsJkg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA10 187 KB
59 KB 219ms
82ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:20 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A842 1 KB
643 B 162ms
43ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 83755
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 07:55:25 GMT
etag: 48472445140208031
expires: Tue, 03 Oct 2023 07:55:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET

partner
sync.search.spotxchange.com/ Frame 8BC9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECsKURZz8joKZRiys69GQCk&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame 8BC9 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BC9
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lX1JlTGRaRTJ1RzROME8yWTJHVWhINjEwZEZCUmtGNH5B

170 B
188 B

156ms
83ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lX1JlTGRaRTJ1RzROME8yWTJHVWhINjEwZEZCUmtGNH5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJaxpgEQ5uqlogQY3seC-AEwAQ&v=APEucNU4Uqfgp6TnIuNZnFNQCoGwsRhBf_sXBlLZSG31MuoAvDUPUnqbz6T5pCwJsxCcrozqz8vPpA7e8vmEV8iBi3dVYP7flrqlhdM1s9V26tl-KgxaJj6cXMBLutTU0d-yPTteyl4RM3IzPqvU_ji43p-NL7OjxMnU5xEBHCbDwqGkcj7zL7o

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lX1JlTGRaRTJ1RzROME8yWTJHVWhINjEwZEZCUmtGNH5B
date: Tue, 03 Oct 2023 07:11:21 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1F1D 0
16 B 230ms
93ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNW7TACiAQaJHbEU2PB2Iewr4MzraEsu2vPsfo_AydCndkqyZXt21mvC6gsuXrP7sOjUCjwXVgi32CN1beZOkuTCKE4vy2jWTYaHfgX-KJgOcOzFmByXPU1uZPTUAktf7z_bQpuxgwshJq2rKRim7MRaCS2nTqZnwtHxZhLG1UOBGbdwbas

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5694 0
20 B 297ms
217ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9550697144992&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5694 0
20 B 300ms
219ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9550697144992&version=m202309260101&ct=77&x=1&cor=4096156551671006700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5694 29 KB
18 KB 333ms
222ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUDj4EDXq2JJ1viaDgkwXmkCKMPRLvHups8iRfGVQvKiDT4JuLJzCMXsWTS6SziO7iC0ry07A5lU4_KAuQNfdwc8fVc62TlFQ24PkWASN_FmYB2VppdqPLMoCgDU-l8AgRyD1L51vcsD9pE1OEy39h9h3kZAgUMeWJnIt3JQNTwQDjpsM&cry=1&dbm_d=AKAmf-AJ8FuC-J0nVR2SDE6wRCis9mCA6JPtF79es8wOVvGLaqLx6QnuflU2bcVZ7l5xL4SSrlH-Jz-Dq2sLADto_IUX2gZFiZZjwpJL0E_ntA3ro77CsZfHUFnMSHEDeC5XCtGU5ZUQuP7nJNW0XyPDP6nTZpRPeJcWacvir-Rs4J0XIVK-MjWugOBF7VIFd1CYkI8P3WPZTqA_YfCJC3z_AlstZZqoZ_FLibfGmLlc6Q1M2q_hsYai_MX98wZIa7DzPmYRocd2EIxYGfL2LBqxCCVBT7JddYYuI2sXmP8Hfcy-bmxLox0LQIT8tXPgKr5Q5T0j45OTNpvvZP61RLkgJNrBj2QE82Q7k1_iRUm6pctnYW8XFPuLzFTo_RhogFNSKF8F5qCtbWiob8Fi1790CpvU3lrdoewoNOD-MIbo_Ov2r4zArgI5LGSrWTrqgpqLxFed8WnFTwABy1OYr7zSfBk1KTglP-wyrzXAHMmm_b7LEnvP50DK520oW8b2uN9t9A4F6DlwOYJhUyo5kgp9urYwtUAlUB1gY9CtZibXtkAHzqlR5kDIRo5haTTjtED7l-I5Ikl9jXFj-T51Uvqod8X1TLMdJgRiLw-kXB0DLt-CZicTt_Kkx5EmMDgIYAw6_HD0u5h7UAEBcmWF_t2EkjpJW_ExUgJqkQIv1_3ica2ApAM7WdfEpVwRLaapPjs8-hrx_gLLmSAUGW_EvUm_Nz4TOpR9gcVdAn4IF1R0_sXhl0Wesnx3etoYN3fKBvM3CjyjsjIL9kvHaywmPujJYoOKxzuhJbm5oZXpIte_gZR9bflTaQ4RmRC7Wk6bajcE1vP-q_bjVu3u-UktEeQGBDSOh7Tq-9WHO8pkYWZZLhS8As1HM6XbrH7hYqFtcexDegZtEtcvIpPvAbkkyM1muP169_L9YSKgx5-gkJk76JzX2gvBf7CcLudwu8cbuNdMq8V9xQvWwsNt0aF831V5CAXHLnkhGHdstFVbfqlj-GuRQIqxWuPG7pO1-xRJbnMuP-AfRjnEseANlyVTLSDpR1XIaY4rrH9FOtPqCk14ool8loBkWNG-mt0hSCTssaqxpYHgFYXMWDX2q2kP4Z9NMesCZw_O4doQNS0CGR8pTnpFnb3nYF7q54AMXK9SKzl3Ri5QJOVwms73I9qeO-pu22l2mRdEWkW09G8ghz3XqnXk0Yd_zSJkK9YqBXDhLjG8fN0jjQSDHxqq7hZb-fr-0x-OvrFmJ88tm4WhGN1a9mFQl4TEOV-worDzPQDw4qsyCvLHuFdB-DPpwgTyG3KFq-UliakyoZPPNv86th5QGeQnKvcZH6j8Cfce7jo4xbLoTtO_jB3ikJKSsak-f0kuTnOLYWHW1xjWtGDuzyCOU4r-dLmW7Ufx2wAiaPspjtF-6B-JWfpR-IBqGV4-LDRZLRTbwt6pNYk0NdfX1XxhRP7aIiabaiY-8qXwyNuXI6f98Z3W_BLjhrueLZRWGWosuB0i6uzEOJQPkjYQ9SeQ9MIPRiTwsG-MLamArZUWTbTGMUWnGbBtY6iQt0z7vmhZTogZRXEzWG71DNrbkHuyGimDgjb-mTcn2IU-1kCwaf3AugvJm9Ylw7oZImASRdeQfScCUrweyH1fN5S5Em2EwyLYTpE5g3jdM89yCaG5FslAxZuTgGxmVe_gKcAdH-DvzyXi8hUN2YLZnB4k_YUomEFRQXwLRQxvxaio3OB4GBzKQJe0YVEoRiKXXQO0wUO_X59k2vmKi8R27bDjWEYt9LTO3HhiSgiluAeaSC6_ONLrtSfkMh_U3hJ_cVBiSR_HY6MwP4pp01t1flLBmMFyoeDEVvq3D0LQTE4RH2CD_GGUWpvV1jZKrT6Fmh8AFBF1LgpAZki_wusMjXSwTElJhBEm213CyLklPb6JkO_DnXloiox2uRNbZ0o9JId71MMhZ7T_k41Df8YO5O2oV3P8pu4F2DLdfRkBPoYoFKhlEvinCMIB6q9gZl_t0oK6NcIKc5_kAnWGqX6sB_dTpbn3qVacuazugTIkGEyc4wQmTYglsZ3ByyutKzcQ-sae4sN6Gdvzz9HjJk8jgn7NlTvyeeyh3XcMlqOMHgRQKrIy0Is24Dk6-gC93hu1__g_az5fs6lp__GqZ_jjHkB8mk6ndKbkhJe7hO7giC9l7GmGuKDu9salKpNmvyLZzbYMbnc8RQ7D1YCqGFmqC-tsAFyhTyJ-VEp07WITz0biX-mWR9cHcTzTu-v6iHBzA6Sght2uvcGuiyjF1Y20Kv8EgS31Wv06sFd87ZOyoCnXOkbKGLOEZyImBtk0CW1qB9IX9YD4IpocWUnDBnXSE59sa4ZSVTKJ2-s9FWRJq0Sdrrro0OhoRPsMSiOU5VWPERW5_VyTXKQmQf-hl-JF_c0wIE92_c9abueC5g6fDPBHBScwXILHJBl0xtA6S_sa5QMqMSEP4eUtGmlsHhk7HAslfrcq_ReHDRveLn1XcrEYGeL3pSkgV7gH9mrPmAqD-2c7pz6ufyqVTq4w-f-6ktyUnJDzqM27nXLn9Fq2K9YrYf6S1t2TpalMTMgc2H_0XMu0q-r5nADbvPeXmk_LWdchubk2DL5ei2eHdwtE3qv4VM2uig0MERa0IPSxrzODc8-oK9Z8NKHuIRiHar_NhMAXUf8iHxWXurZxZWDdeVQrVHeV89P3dtZhgMZkU-uDeREdnJ8LwJqIflriBewhpuX8pSr6ukRwLqgy81AnYESBKx0OgpOjoc3s2mwGkI5Oq1EoE3O6SOtVraS4U4JUBvGfddv_SVz26mKZxt2eiQEqWq7vcXq-ZDbL_DU6XSHI2YQIBBrbH2gEpFVGjWSwI_JkLTm_ePBAEP1rFQ1sbA95BubZCIG9ujYS2iCAGDQ5UdRGCuhs0Ig9EqrYQBly__L62H6mzeEvoCSwNLMgnBoOJz8U0IDWg7g-MJ1LAJMt1hCyOkSMgTK5P7SLi3Of2WpwYHENE4QIKh1KT6ZsrZRB3vknedCMRHn17UcUQ_y8eEZwUx8PeU3Yx79bgBGrX5mEr-fYqabNYamkCBoEQmjw5MCFmRD-iIibnd4qDV49MFQY1GYB0w3kEPL9cipZOw0QGqGaumTYiJlYjJB5tJMB2Q8mTm6s6DHSp_EjlXMtJ2llR0pDRIldHTbW12Fq6Zx9geyACaOAygAX4xEQ2D9_GHtu1P9mlRarkdIZ3MeRKDO44W6ig_ttTWXBjLeXZsSGdT1POUtoVzPzQkpWg-m9dh7_uF7Yd-_W2sp1RvS14eRJnxVGbUCP6Nh56HbGHlkRoi8z_1gF9ASC1ZV_03R-r2eWVitBk0XX_GLwcZW0aS40-I7cJPcdTOMFwiFOYJH5zrqYFP5jZgistBIRxnuAD3SgoKmVzdOs9-l1X7wD9w7DZrp1ff98yejZW5w0kviZs15Z4UPVkJyZxvaqYAgh2CHXOSAR2K5_3v49&cid=CAQSKQDICaaNcOmHgVCzZxiPjzAqgcdllnwTXliZdn81BdUwoAN6Tgfi5i4vGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=4096156551671006700&adk=3676778483&idt=353&cac=0&dtd=31

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e02add5965a4bf30c9953e964198e8b23b4ccf3e566f2f8e952beae155d8d8d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317077743&bpp=597&bdt=623&idt=1122&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2506091661&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31078363%2C44785295%2C31078301%2C21065725%2C31078422&oid=2&pvsid=3429906786545753&tmod=2038617597&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.egtkr3lyjgvg&fsb=1&dtd=1177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17969
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1DB3 41 KB
13 KB 199ms
106ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzTHx7lR7JF5yp99pqQzu0vPyopjxrPEWRjeeFnjFq3BVUx9a-gCqPggNV3NMvXeL4OKL2WDMy1Yav7oBTSNUaGvj1ixpdRGjLe0GOxTQvQNaDWhwg52PEZn1altLs59SCaM6wQeA55pgT_hT2ZJdpGEqD5EwOjtqt8qvYZ8oZfMXKw3A&cry=1&dbm_d=AKAmf-C6ZgY4C2oWJMN2K8eAy9Ub0v7bp9x4abZjbdgD6ZrgyGDd7ikAF0U44Om1_T0L8ium98q02Fwcf9Lqq8h2V1lK2YK4mVkdcgmmRa3vVLj8CR-7VR4cvXJYrzu3Vyck-ep7ev7e6cFKXEqDNKAnv9Sks7BBq-lLwK1LxuL38oKO03W4TFnDaHfghWt-G6vLv66UBoQtNUhjnL2zxG_G5bGNisKNPXtC5_OCAMqdi7PTh99eFhaXUr9msbIrq4G2PsKlMlW2nuGaHzb1VOHNLnuBJOGJRlaC_QIa_yrlDjyHjRSvYf1sZ4uT94thO_q75bVVFffGoRA9pOk1cO_xuSjccEeqXI-8Sl7YA2NDXAOmVhgaYLYY2mZFNegiLjTsIjlj3Q3KkXyjSBgVPjEQonKlCPmSPDJiS6oZUwUUt92flg5yJ3UdxOK2sL_6-o29DS5gs_D_1svTC1cmtNWaF0ufzQLHOdDwwJgvrx4hg5IQoVDSY8VtxCsUet_5eSmSPvDOUBxn-UVVJonS2_u6IHpKJ1YZnbNhNX3dis_KMpGMDNkcRW4utKfQ2JtpjJnmHZv3GMuNN0KL7khsHEnhIivTQutJ_aZMcOkehRE87jMY_cNG5W2O5fwIsOMzXclLs8C4QJSi1SdKEC1Ao4TrxN6skpF9VR5MV5KW39Z2qlMC2vQKc5BJb1D9F0DLdcZC3P-Uo0x0CNvFoJdeVP2Ra8p83tIh3XKWeWP37B1t0QaBKK-PlFDSKSzYpsQ1-P7aQfkLCYpY_bBEC00voM66sii2y8nKZJrTA-ldbRaGzATxgwNpNca6765M9abr98ZGNnBVkI-i01TssOCax3IwmbNOCgElxcJxUmOy8-pPRcZk7XHU4xbpGlV-HeZuInZBO4EKU-M2dwtZxMTlL2urmRPM95aPbPBNSUbm3e2jxjUxXxzyArMzBYYPk7eAuudwNBbSdbJ8mtdGA37iBRGtno4MDTLIhFBOUdgpnMOGlqRhAeNqkeYRDsr9x59_keriSz2FyFfTSV2LG2U-jZPcXctwVU_Zw6S0SVW8BkJ5Y27Toru07Sd0gEThLJyKxaEvuKH5sGZCdW5E0MFl4ELIojglXPQ3ggPJjkU3Sgiz-juACS2GWp_nhZ09N84apcSRnHW3Xdf1P84TaY76I5c4iB7OsH6iKmPuz0lonX4iDGAc17OGR-h0JvHBLY1pQWGBGNIxaNawPUy74s2m392NyZ39dNDngmKdVy8YozfYGPrVYjR_azb8xqyKnMb6Zz_TiZ-2GHU-F52ojkwZgSO3NLxS49G51wHkTvGgFmROp6HVmmfzoteAY500-vlZOfI2THN1I6i_jaZquM4-fMxw1SI5QHqfN3EIZ_3Aq-VVjluUd9lqMQLoUCeZ_Z4PqQ69DllS0eh8TY2ZibPTwsXB9aFq47L5ow5KTAtT1JortaRNpiNppZ7MtWogpDQNhzlthbNlBdOFGxkbYSsVvWedvJZvPiCr3x3-hU03lpp_N4b81bdS9KB8bzzn6Boj54_7IOlRVnsED4NiKC-OHNNJb0Fln_gT4UOxC-iQc1btplCROwgFAp8M4fhb-tC9XCjs6UKs8D3ypKpJjshntdJOQWAQH-Tp_TvZ-2_7KeNPYaKOpeyWVSG5Lvjm68cV9KKijZPJoPl5HypEDhSKKVVNtNf6qC4Fh1biTOCyLWphjuFHSoVAn8byrb_oGdN4iMRtdC3J4DOrf7ZAjDou4mziVqxACmlwjLoHEiKftt2ksJXb5TQU8u2EfLDg1aN2G3iub1EWCB85LrdxMe6LIxcRzwbT_bxku2Lz5A9LvLIe1i0AWtqAzg3DYsNAOdMLnPRPIpa7hkMLgk-0iUAGBQOjAOdqSRqnjdYLc2a3qXNma7QmqV22INoXoAFxKyzHZuqGxULfWf8fUm00pi5To7ANfwq7YGUDPxC0x3ZLBWnZ68LwUjNh-42Q7OjsYv8KLabmq3xwjRQFtLi1OLdxH0nVu-4X5uQ1VNdMk1yTwZ-dM4_vruglt6ltdta5AcWjnLQ616s8PPRAdldZhWKMP66KpWOMlnVDGqCCx2-tZ3eLWApvamo0qTd4FJajdtO6I0Y1K8sBp_absuJMkJkm448fdzp5Ep2UOid1uiD4bhstn1-tri7E6i4nmCI84BWfC31OGc_I9LTxTw7Xfs6rm3O4nAZJuW3YYzYWdtBNb8eBn-3tc3BvIMxHLYCe3lZ-sKvepAelYVnBlAlgBI9tvWWFs2I033cHNYHoBOGFSKCIT2NhWbaqJl9SGhdLDDxyGyfsMWkqgqizHOkwQzlLd8IWhoc0CSVzMw5Iif4iiCuzAPNoCwHaDT8w7Ij0Xb-2NdXW395qpT01t-eqTtkouQFpG2ZUu6vl8ivRh4TUw3voVX1Y9-6N4OJ1hG1bvtYMrAqkwmYYHQG3h5kxoNsBa1fEDRb2usnR_-BPDZvhVdlx8dQIPOGYqFttj-IY7YJ_7ReLvZ2BUjdV9r3UEo2MLF6N9R4PNcHQWhDzRMGCj757kSDo2lrWudgZtSqmb-Kfc5TqnG2jizuFVmbxN8mzyG1SzgxLtqMU3YApxlvCMV_nIUzAgvqotFVMZxw7QKJhOBXlenDvVAD4sqxr2dnQefiO9N5c1h47ZnoH6PZZuZurxsK3s0xrwRUOiqAtZhDmXeJVHswKK6iGUA-X-V9nzhjkOQYfdztwTtL2jYCL6BM5uFxLPcTkJBI25leExDh_yhi2-Gwtbd0zSxPEKgj8_YRV7YPYXCKfDqlbCbiggaLCTjO5y4vNc4klpO8hdjPSGa4XQC6_wir9vn0RvrUz2wKcldk9JTLj4SFP5EKJKWm7PnXVDOf80C5Bf2l6xoLU3auenuJaSeNNEKRfhXFiMRuLVGyPxfrSd3oiOczilaApGkExDf1neg0uoA0zNC1ZPp6LwuvqjwKEpp4RDCaq9Qd41gjj-ld7MMKNOhT7Td3rqr1_jff5JNrzUwHBJiyp17qOWFSb0LHwbjxCU8dxUyymYZkTTjzv0af0q9-cSCKw0SVla_wJVNQ5BUKlZAEhI7eF_NjhpsuIHYGQ6nC9uvQxoEotbWgX-rR81qLAwJALr7PcvVPGQh0srDmVmTHPNOjChbpHvUUN_VcdzngcY5TcswLVI2jRnINTcCtq843lo5l5vDqP9BFzO9oDsiA6mtJTqCO3WrYhoatrjxum4thUwOt21VNVGjW6OAFLPD-C1Tc7-6yYBbkck8MfZBGo3pTW-wsgFI9EmX57AtVPMOxQ2TXITRvaT8GnXFy0hTIbxzJkKwCjKGyNpkX51Qy6B5JHi6dfyyFE2DVTQcq5qUaB9Skmo47Q0kRmu8EpBHIFgQCSQH6XrgPBt7NgD1462CuctlL2yT_DzsvP624KLbXth6ymIUniLPNn7gndJ1bjShgIlm1vBVEhADg1CpLdCrL6zk_b0UWdax4G9VAnJtYjQx8TsV-B7YxyjvKd3T92zHruYSbTbL_ApABtEAIhoR0AyNyELItIUMhJDrjd29QFpU5YVyLSCY3bGGzDIc_OX61Bc7ssrhwhy9OwMjZJ9YXFd2h22EXO47NOtllddr-aArrLxCTvVqfxUAp1Umie2t4bJVEq2mUKb89ERc-6gRuFllqJvjJMhsSCX1hKQj1vqrmkND_8xme4tPkRlo57ANCNwzANovrGuB6a1lG8Y5MZDtnaJDjRr-wDgo9XgkF4REc0qD3ec1pV2_yqffs-plGbRAhSQ4xzplKLHonzQ-m3e30I7PcEnIlvEaTTq3YLNs87McpcdtynFhuLl6UFHqzkyXBxs8nrVF4p6kuJ_es_CUNJBQKrZcOz1ssgXJA0I3LuQM-taROLnBgeECA1Q-JVlIA1UTdnLJAUBAXSt9xZ8ZNYTSQ4eWaGzRxwnNVAUXSam6e-RPI7MoSdC14k6VoGEkKm6kkT305XvmBDSdnWwyXO6kab&cid=CAQSKQDICaaNlvEKW4W6IgYulSRsT-8_v3MyT3nCym1l1lHcxi-Q9ZCZ9vCaGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=9070606129094731000&adk=676413724&idt=230&cac=0&dtd=204

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 346376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 06:58:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 94B8 0
0 229ms
178ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309280101&jk=3079225621326333&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK dvbs_src_internal122.js Show response
cdn.doubleverify.com/ Frame 1DB3 60 KB
20 KB 112ms
66ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=29615901&cmp=216242&plc=7609401&sid=18330&dvregion=0&unit=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 07:11:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 09:51:46 GMT
Server: UploadServer
ETag: "676309fe6e3823d28d9b38e6462bb025"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19669
Expires: Wed, 02 Oct 2024 07:11:20 GMT

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame 8EBD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOkeYSpdLam-PJyBLk31si0&google_cver=1

43 B
573 B

94ms
50ms

Image
image/gif

185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOkeYSpdLam-PJyBLk31si0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgvTNxQEwAQ&v=APEucNXAnGQJv3RtHl3mmAvS64Hn_KwTFDNQgGhO781qy9Y_2i6oqvKaP7GilI9WrLRXeYGbbQgRrwxC1Jmwl9_DxSdbYsNNJl6-xMpm8mfltTd3ykiyK1RHtZ2jr5qZzURnnn2AraYtJNuRbCu79AAOi1YoumHpL2gjM62ck4_-ccu5WgW3QKY
Protocol: H2
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOkeYSpdLam-PJyBLk31si0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame 8EBD
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMAR...
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_hm=MjE5MjUzNzA4Njg5NjA4NTg1
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOkeYSpdLam-PJyBLk31si0&google_cver=1

43 B
338 B

158ms
85ms

Image
image/gif

185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOkeYSpdLam-PJyBLk31si0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYgvTNxQEwAQ&v=APEucNXAnGQJv3RtHl3mmAvS64Hn_KwTFDNQgGhO781qy9Y_2i6oqvKaP7GilI9WrLRXeYGbbQgRrwxC1Jmwl9_DxSdbYsNNJl6-xMpm8mfltTd3ykiyK1RHtZ2jr5qZzURnnn2AraYtJNuRbCu79AAOi1YoumHpL2gjM62ck4_-ccu5WgW3QKY
Protocol: H2
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 03 Oct 2023 07:11:21 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOkeYSpdLam-PJyBLk31si0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D69 37 KB
14 KB 160ms
107ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 12:48:27 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B8B4 22 KB
8 KB 337ms
299ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 95898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 04:33:02 GMT
expires: Tue, 01 Oct 2024 04:33:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1331 0
20 B 118ms
113ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7221871908294&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1331 0
20 B 78ms
73ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7221871908294&version=m202309260101&ct=76&x=1&cor=9386516278330325000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1331 104 KB
40 KB 269ms
224ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AR8H4lV5blWVFM9i0pA1-tmuKu-u-NC1Tc21UvTzbYu406aLOz25hYLvuzFr5jfOmPgd_0xSJU26rl8NFizcU8fSH8Cb9E6M3EmweoLbsCXtPUAuBdzwkMV0EHoCXzYnNGwJYV1DkdDS39DfqHyejeRfA3EgcWyGtOh0lLVxcDQBI4kDs&dbm_d=AKAmf-DuxPVuVKeYdloARLVVeifNqNO-2U_z-PiduTKCfW50vzY9C7PEG-Jw0e7a-FSO2AzeICSKqzbI2ynEA_3VzMgxmDAw8deJ-_r-6AXYZp9h-nRP2oEY5m60P36wcvSW0_LYdgluXZlXyMc4I8DBOoCQlSO-P9PhOj_Xj34c3iCjauvnNEFBjMIldFn8Vx6QfbCjKvQlkuZnC_TIq5rdmMyPbwXUJVWtdzrnof7mVPXLwDD3PfyjIta4ITCIAcNOSPT-utu8bLQfhO1tKGG52EIe2VHj16hC7SisquUOiQKrv4CJIp90hbX3f6SWc3F8k-jq91BLbnM6f2K-5nqxL0obc7k0ZwF-z4qhp8UBrayyztURH8wjxv6wmG_LIKgEyyivLk7LbN1QaIOLcRMgKO4l7l4bGJEaAZuxS601Qfv1vBY6oQcGxJrNzv70IRe9DcLbIX2Ly4cgjnJxy5jrJKcSh2rLtLNVCnVDyXYfZ-U2F-xSqz6ATNyJ6cQNA4SKW5Ehih_RkaturwR-0ew1iP0lVM9o4aLPfDI_frlRKK-zCXuIwkQCmHJGFntq3QOhco_KRLhKyVP_XIvwpJo0mpyWLmzfOq2uaNo2BBOSEvn0FG_WtR3gYgVYX3fXgoM4l27Na5nZkk75bWdjQzYSXFARgahafrqUN-_HBm_U8euKdo-soA1r9SMB_orhNsA160aalHq6WJuShPoPdBj1A3r8VHXPteyhrwvCp3CKcaon5f5I3-cDsmPwWbkoL-MWS4zRGYPS0O0IECcfdFRSncyuCaW8iveINpE9TXDhbj41BzuGw7m2Qsj7EU02GiglXDV9hXWrC5tZFmBWn_IMnmBCBSVUdwcqv-uY6ZqAbaH6VdYu786_NAkNw-KrbBiT6k1FPZyYP0VXio1h0fdB_vPHT_IJh-rjm09PaJshHKr7nrAT9FmRZPJ8aAQmHQu1o5R8PEEUkhPW3NyqL-L3M_589A0T_bA5oYKd3H3MKHaymPuK2YTxpgnh2zwo5s3-mSfBk_fP6qCu_ilxDkg_v-jkG3SluSFWhWMccMfoJudeKdno0tG67xF5TB6e5GvV4c_rsOEu4AweXUzYgYpLMANECWBT0sgUcqC0Lmms_t1uQEPbxjY5MLgZ_tvP7su1Bbe0H5DyxdDZRw_yeow7j6fJnnXxJt6Mh8zr6E_U8EQXl67Jrz3U88lazRn199Y0AxtwzhDDB5tScxyIHf_wu_noYTV0dNJaCvN8JCguZG_KXp6VmqHGY2nYbmmKkVJCjRoyAEM0VGN2hwZoKcje8uiaHKwtju9zsg3lFWDAI07B4dZA0ODSVd2pyi8iD40LXHCI4tiB6xjWdraAbgUTXzz3T6NCQw4dBRa8Jlghrr4WwgGd4kBHbFxyQHgIqcr09hiGeFyRTnCK3e6jKGa7FKghdiKuMzTpbktYVOIS6d62kjKqVnFIKbyphQZlDBE89KSnCgjKngR9ULyusFQ93_1OQ-5e-lHpPTMbrzOkU_Ls-rNPuaTaODsq3P4Kjnoz5n9op8Q4t7Y2CPLtSkYpvRI0_t4hqX5oTTWMTUBq8xuzUDmUQ9mt1qY3ZBy0nPP2EdXfc9kr-NMlxt-VU7Mwj1Ql-ikN44FUcnHz2V4eym0ybG5gBfITl5BbXMGU97LwMvaqjAHCiaL5sLhXV2XbidSRLySubYiJuf9mlVMyHVewar7aAgE4flXP85gEnK5lH7b6UQRWM3nNg_n-a-YGz-U8_xvQHauS2OeMlssWIpn2qGWzv9DJ_nTNmm9wAY3XERA9FRakiELu_AF8UciVcyvqVKdvnZxflhQj88sgKXyvJx9ZvqpAqtfV8bKQLPVcHducb2M8L3tmuQz3v_qtakwh6tVPxB4L6CNS5o7p2gxy5-v6j15AyKjiATCsXVODEYt4GucrZmkEhtJ3b-EQ-71N0XQOao-Mmyf28PUl_rzBLFu7ppNv4bwuAXeLwiBVDFqFtQJefBs9XSsCxfIIIODscGRnS2MZ9tt-EubyND6GtV4mttCyqYp6xc1IcygxMtu50OOwBaMIWtH6LrfXhXHvsnl2tkUAJl5zY4tOtjDP0AwXGLG1tbuvJ6flMNsXNgkp01JPiZgillKBiz7uZcrpbPZHkm_q2loerL4GFJDS3VYVcgWna10SWmK2rODJOmywg5qOojBRVEk-agDLsgW7g_35wUpKjshdEZtetWKb7RJ-krcznKPGG-CijAT4efLgF0RZIEURbc8aOjqWuLqB5DfjJ3DrNaoQ4l9lh7GWi66SgOkCf-vD7r2hnsPNBaPYfsvj-tuvf1AiLFHTHCKSrHnUANU_W22EUIEdQefqymEI6DadfBEgvI1uRsMZ1Ogu3_YHzQMBqn0N_qtWkUCSOMYFhp173A2X_x_vBICl_O97J-msonNKCy-2wMG7lw_YwFoDj8C5weHVHUZE9nimkd-4S_TlN8Gckc0xWEuKl2Qh7tmuuBzdR0AwlyjUwYY3Uw9eby2FQrmGgJh0b5N8lO4zKQ-DlEgGaWSys9ebKEF4IUpqlvNWdiKGMDx6NYC8xv2djS0yWGvkI7LLGI3YtfbFwZh2B01JjFH0BquSXiBqfjmT2G2O5MnzjzJ992N1qu5-ipFLGmMVbsP8m52Fk3YU10-F_kJqh1Tat7PneVN_493V1oLuus4nZaXMSW-Elk9VzVzj6E4Ph9jlxtXOAE3Q16sJAHr0WZuI_J3RNcCyYtrGEHOyrplScFDkT8SuvCCSP6HSVxsb-WLvuvNe-U1TEUX0U77egZcQUTmQcF9ZKkgb-Wf3ywhF6txa6lxfLx6lmwBDhMJVO7vUJ4DdOlR7qjvf6LeWTGsn3rFc3-lmPcUw8kpPCc4hnPIJ-ZeqEAspx9psFduif_AFv0jR8dfi-UBfYpycMS-t5hZ6Y_M8GZVee_N3weQ-zjPghI4le_T5CRkS7akc-UD8nnyyeSdCWl3qgkH_siYUvEufv64tXxRyFqgP1WBi58AwvBvB7AQv6B6dfh0ghoQhKbJRvctYwCO5hobt_q0YEhRPAjjbGyU9gpMIgHgL5W9Op2BCJg1X7sFaoFUYqRtFBaNqX6OutYB0xUkhmLJ-_cqaiJ7sjHDaJuxQQoEH6wBGRBFwaoTOgy_VSQ6ccqAPOFoou_og_fLeAhJ1bdkmg7rFi8ZGUQqSzcguIi4Tb_WbhaFuPlxwXGjwSACxJABdy2TMGK7ruflyvkyR0LM4IZekaztOrFsgoJQ7odRV_rhk_OXY4v4qV_hLcor1q6Hubg1HN07G532XZKGefcUTkAq82SGkTgdxd65UYr71AXEf-ukpkckQWCD7A6SEqenIYqqsW-TFdDahbrRVBLtwAEKHHKUC_C8-rkAMBtWHhjSXa37Idib-eK5EwQ31Ywmc3Wdjlv5b8mvA19SzwdBiug6GJ3Nhas4KKQET-VvBggBSC4hQuh_2bUxqHhMp95MuGATAdZ6V-aNL9_c2riGWuUU9jwXML0JmYu5HBJQmyAIz_-qX8GCRwBlY2l3uqVkLUuDfwZRsoHOb7oic0tXWdMjTv9Zzj5L86t1z4NALSoEboujierjQAWLw9RZN7tgFOzOTz3kxDKjSAc0orxjT0yDKNPKuy0GJmEsbzAASdflAqwu7rizQ&cid=CAQSKQDICaaNHozGcsE2OM746IfwqAIGUso3P1hFgGrxGzmWTs3vs7vngR8VGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=9386516278330325000&adk=2124396030&idt=412&cac=0&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab16337f55ff19b3465fdf46061afab9c2aa40400c04015c93aaff1fea846c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078053&bpp=544&bdt=893&idt=1273&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3184721645&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C31078200%2C31078363%2C44798934%2C31078421&oid=2&pvsid=1194333735167736&tmod=2027453976&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rfqukalz123n&fsb=1&dtd=1296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40770
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A842
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1&google_push=AXcoOmQn8kQ690KT7ldbXSNiKYuzCpjvoRRfKed5C2nU8n5i56gpA7dgROVMq4okKcGgPnJ8xVDact69GNKCwKbc-8di1K_54hc
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODM5MTQ4MTQzODk3NDg4MTQ5Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1

43 B
398 B

295ms
150ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317077988&bpp=552&bdt=832&idt=1096&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3184721645&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31077327%2C31078200%2C31078363%2C31078301&oid=2&pvsid=4176355876507025&tmod=580213982&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vqemlxg1lv80&fsb=1&dtd=1180
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame A842 35 B
463 B 394ms
39ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFMHddObDVPk-lUx1EBHBCw&google_cver=1&google_push=AXcoOmTWszn6BMl0D_7ep-xSozk171AZ_J7cSLUE4nGaP9doxVNgpA1qxf4C6glke2AojSKTP6-6cmFG-hlW6TqjeewhIMtuj-Sc

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A842
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBpVLK6dqqpcTo_dC6uECo8&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBpVLK6dqqpcTo_dC6uECo8&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Yll0UllzdjUxUU56eVU1&google_gid=CAESEBpVLK6dqqpcTo_dC6uECo8&google_cver=1&google_push=AXcoOmQOldUNlGmM9VEsD5yKwze3lWxFYLDU2YvIXQouTQy...

170 B
188 B

298ms
225ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Yll0UllzdjUxUU56eVU1&google_gid=CAESEBpVLK6dqqpcTo_dC6uECo8&google_cver=1&google_push=AXcoOmQOldUNlGmM9VEsD5yKwze3lWxFYLDU2YvIXQouTQye4jyeoW2ow_zQKApbWd4Qj5u41B0X6vlCaaHAhskzBSyVzkF1OD35

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 07:11:20 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-789-g976496f#rel-ec2-master i-0848f2daa11a85918@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Yll0UllzdjUxUU56eVU1&google_gid=CAESEBpVLK6dqqpcTo_dC6uECo8&google_cver=1&google_push=AXcoOmQOldUNlGmM9VEsD5yKwze3lWxFYLDU2YvIXQouTQye4jyeoW2ow_zQKApbWd4Qj5u41B0X6vlCaaHAhskzBSyVzkF1OD35
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame A842
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFM7O3q5vcQa_FTOzcv9Bh4&google_cver=1&google_push=AXcoOmRzdzA5meuaUlRC-En-kB3AddRv-3WLKzxzThYBGm1W4KFW3BTbdhJnp41YCYbCPSkMDbmUpYbr-m5orQkSKqjQbJVCu0QZ&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFM7O3q5vcQa_FTOzcv9Bh4&google_cver=1&google_push=AXcoOmRzdzA5meuaUlRC-En-kB3AddRv-3WLKzxzThYBGm1W4KFW3BTbdhJnp41YCYbCPSkMDbmUpYbr-m5orQkSKqjQbJVCu0Q...

43 B
449 B

221ms
219ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFM7O3q5vcQa_FTOzcv9Bh4&google_cver=1&google_push=AXcoOmRzdzA5meuaUlRC-En-kB3AddRv-3WLKzxzThYBGm1W4KFW3BTbdhJnp41YCYbCPSkMDbmUpYbr-m5orQkSKqjQbJVCu0QZ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRzdzA5meuaUlRC-En-kB3AddRv-3WLKzxzThYBGm1W4KFW3BTbdhJnp41YCYbCPSkMDbmUpYbr-m5orQkSKqjQbJVCu0QZ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317077988&bpp=552&bdt=832&idt=1096&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3184721645&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31077327%2C31078200%2C31078363%2C31078301&oid=2&pvsid=4176355876507025&tmod=580213982&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vqemlxg1lv80&fsb=1&dtd=1180
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:21 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81035edd2c232179-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 333
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFM7O3q5vcQa_FTOzcv9Bh4&google_cver=1&google_push=AXcoOmRzdzA5meuaUlRC-En-kB3AddRv-3WLKzxzThYBGm1W4KFW3BTbdhJnp41YCYbCPSkMDbmUpYbr-m5orQkSKqjQbJVCu0QZ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRzdzA5meuaUlRC-En-kB3AddRv-3WLKzxzThYBGm1W4KFW3BTbdhJnp41YCYbCPSkMDbmUpYbr-m5orQkSKqjQbJVCu0QZ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81035edae9eb2179-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame A842 70 B
149 B 418ms
64ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELbIUW3xTM2AzPwyMzN7vCY&google_cver=1&google_push=AXcoOmQ19Xn4oxZmdvoRLJET1Oq-v18iYCX0N1pPCBmL3AAH8BnvM1BJi-QhUmYxxODF-YP4YKjnVLJpxxIx8V1XnClMWV-p7GMj
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046731&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317077988&bpp=552&bdt=832&idt=1096&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3184721645&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31077327%2C31078200%2C31078363%2C31078301&oid=2&pvsid=4176355876507025&tmod=580213982&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.vqemlxg1lv80&fsb=1&dtd=1180
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:20 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A842
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFpBIyLGTB2hSchwEdwS7NM&google_cver=1&google_push=AXcoOmQmIzIAbJWby_H7Un-9p4VrgcQkNzPvfR08y1M7bNwQHmQJPM62cIWEcuchQfhRgJDrCxK3cPkB3QFIHoA0...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_25rRT1bSaI0431TXWKwwg&google_push=AXcoOmQmIzIAbJWby_H7Un-9p4VrgcQkNzPvfR08y1M7bNwQHmQJPM62cIWEcuchQfhRgJDrCxK3cPkB3QFIHoA0nCMa9HsoVFY

170 B
188 B

71ms
65ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_25rRT1bSaI0431TXWKwwg&google_push=AXcoOmQmIzIAbJWby_H7Un-9p4VrgcQkNzPvfR08y1M7bNwQHmQJPM62cIWEcuchQfhRgJDrCxK3cPkB3QFIHoA0nCMa9HsoVFY

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 03 Oct 2023 07:11:20 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=_25rRT1bSaI0431TXWKwwg&google_push=AXcoOmQmIzIAbJWby_H7Un-9p4VrgcQkNzPvfR08y1M7bNwQHmQJPM62cIWEcuchQfhRgJDrCxK3cPkB3QFIHoA0nCMa9HsoVFY
x-host: tde-deliveryengine-production-8b9d7bc7f-r4nw4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A842
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rATpeIk_SYCmF8QwgeV6ZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

351ms
278ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rATpeIk_SYCmF8QwgeV6ZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRLbIYN2VzyBlRO7Q5tmdmmcHpS3ZFnmRTfecMEBSpd8uSEUrKCxgnBaWer5gy2HyR_Trj4phWEFId3hicWDEBNC9142DBq

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rATpeIk_SYCmF8QwgeV6ZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRLbIYN2VzyBlRO7Q5tmdmmcHpS3ZFnmRTfecMEBSpd8uSEUrKCxgnBaWer5gy2HyR_Trj4phWEFId3hicWDEBNC9142DBq
date: Tue, 03 Oct 2023 07:11:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A842 0
12 B 113ms
69ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KT1_kkcLDMhNMVqLfwSoxL7qUF1RXpatRGIQClVo9SY_SDHnadn6c_kGfKN3jUH2ivrL8Z

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:20 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/ Frame 8D02 11 KB
3 KB 271ms
39ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea94b1961a49ef6ff1d60d88c4104216626cfe9c6bcb8a5f976c42c870f474d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3186
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:20 GMT
expires: Wed, 02 Oct 2024 07:11:20 GMT
last-modified: Mon, 31 Jul 2023 14:55:58 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8756 0
0 317ms
83ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuudSzOLCgcZYMPXG8nRSfEJHL6V0P0i7H_rRlHFuygU5vDFDGkeZae5iq1HwFOSDEpMBfInUlGJfoomDV7WwV4GuY6xwZnLpnUs4ksnXPCZlEEUgSeOPJErmPQDHUa0qpa6xsnGoARR6eBqthnie4nRbwrGtinfNoX_XnKrXXHCXEqxjyOCnW2gZHNDPv0gQhKD9i6NOwGDpBxz8oie1vNvOnB6DRbtrtIjTBOcFTANEUqolgCcu9JRdLqf9ta7FUpg_sltGvFDLs5ZK4Wbsz9lzhqxRflONoO8Lq0mZ9C-DARXqgKWqVuzOmsJg3ZmQcOO9NU1TaVpRWxMS1ilUFfJIOhpydR9_hvvwu-UZU412HC-L_iuFP8cP1w6QQwMZGTj6O2sgD6L5ZdsAP9GGHvlqBq2ZBX8mCvSadHHQa1qeAF6j_RxRAepzHHTzSrq2Ju4Y-eTtk8BCl5v5oOMXHzvaqIoH2xujmgfLJtZOkXS4Dh0IT9-Xj5dfXnu-rdbULDpqFa_TUrQ6dT5mGbjH1l9ZcCxGZy9wmVPii2_xMTAHYbU_SZsYSea-SAFfaSKRjnZcRnWmL53pSoNtkQGOUp58knaW-MZFDFfaITsRPngF3OBmg2PqaII0kIjLvWjG2hyRofEKRrf71BxbBnQNNJHjb3NhmR1dhTMJKlpOGHkri9Ia_5FA_eDHuKMKHXBvd8U9CVUtfRTEfn9M3k9GemiMA5Qc9cQ4-khnw61rOC_n7JlCnHLbip8YxyFmiZlXygBdWm4xhq_17YRJTCi5gNZtlghhkjAhhHnBRVnsxBuhg9oZMZ1dBdmq97s-0SY_GiSxZdbMEH_x2dk8rW92zPoCBoJqCE6wz_JG7eaWgv5-C-0G3Lw8KOdEqJ0AOzRV0bV7tdzSjzpsdQy0qL7OfZRtwFIBBS4cPOD5Xc3OWFOEtd4XfSEiEjnNYUWi5m0dKhZmb8WcfqvqhF8i_Ny9cyFFX2UYUNtZS5szJGWMQkRDeAlS7e_geXYdUQWKHXbOgU7fyGmrMfyeqmphI30rlsPK8tKNUVFg4GicpQGdmFD32cGT9GkhJ2wDKf17aZJCHzos7kT2RD5pfUVWY6x0wnimhHGKEP9xBM2RAsxh_LjRTP7ytQjMrOnobvbGgJqSjzrm9Le5G3Dk4_z0L-rlPDy1gsrYIH629C-0HMlkka6ggR-hi_KEFqrNpazz4d_D5_zG2dohVXADJVoF_fkJPfz4gtc50DmKMn579Xc_94MI9tXF7z8chptD_2KyJ7Ojjr_lF-oEcHqLSGn0YT7e9Lsl_icig2rs6is1HY3tU6U2rTxuSrGr8A&sai=AMfl-YQcx_zmzao0WcTm_vmZhNCmErOpwoCkY1nRlqBOiBk-pD92dsTeND3dRA-n5TOsBOwrOH8CcebCCwwowWEv0h9bdaPllgdLdxnRpizRumXDDpVzj764pB1wVEenwY_k6y_SasUlmNayqVw7arA77MMmK90gmokJe7IFsgrfiZ0bA98vWBsCe5silOOX_C5_aeSiPOQtADBkbgGBLtyoAaMQz5T-bPR6ikIAUT7ptiTT0wVybpbToHPApZkVu5vnp7Ns67V3q9gKLJn7ER_4xrBD-kak9ULPybsnx5kfizzF2mAtcIgDZM-s5bkGUQ&sig=Cg0ArKJSzDyRz67B3NpMEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=536&cbvp=1&cstd=487&cisv=r20230928.16105&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 07:11:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 1DB3 1 KB
926 B 466ms
65ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_426484977986&jsTagObjCallback=__tagObject_callback_426484977986&num=6&ctx=29615901&cmp=216242&plc=7609401&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=426484977986&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=89&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&htmlmsging=1&tstype=128&aUrlD=1&m1=13&noc=4&fcifrms=5&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=169&eparams=DC4FC%3Dl9EEADTbpTauTau%60ge37fc%60g4h5e3_f%605_hb7%607a25%60473g%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DI842CE%40%40%3F%5D4%40%3ETar9EEADTbpTauTau%60ge37fc%60g4h5e3_f%605_hb7%607a25%60473g%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTaub%604%60chgeffde%605_7hg_ghcebe6_7_c52%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau%60ge37fc%60g4h5e3_f%605_hb7%607a25%60473g%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETau&dvp_exetime=7.90&callbackName=__verify_callback_426484977986
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: fcf32410bff53530e5f09e4f8b9f95bdabe265077098c9488d0a3c819255b6ac

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 07:11:21 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 10/02/2023 07:11:21

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA10 0
20 B 161ms
77ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4786008416245&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA10 0
20 B 167ms
86ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4786008416245&version=m202309260101&ct=77&x=1&cor=12913962032983513000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DA10 16 KB
12 KB 200ms
102ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIiBgCw7yQ5AwYTZrUzc3kxnonRJ6jfkyNBu0mDXEBP5klKd_yrWpxr5GGz85A5NXzMAV8VzkdQbC6Vk4gBxmG3E9R9d5hT52kAuBUHK3_POs52exrkh5LbwkGHjajUNeeMH2vUFQmPHV0pzaJF-VgUxKgQl42yW--WfF6HWrOjmOD3iY&cry=1&dbm_d=AKAmf-BLskY1EpILrZhh3yPh8OTcNmGQ8VaEG3CRyGLVCz4wbDG6Bhu6uiWc3Ie6wPd2Ku7AXzohx3EZMGwQrs75nY9T_1H4nufDY6Og3jhV7EVuaFPN-87SucfQdEegBio9Vt2M6IcY0nlDbTDH5jGBfN33-gE5B3J2h3fya5S2Oobr__B0Ac96O0_H9WinWO0seEYqfQdrUcoAC-_IUzvrHxBtDQWtj9GtZaCopY277HBJdZaDor3tlgh9cTOhQgEPdvzDJ5QNXeqcxrWcVBVSGYn-uiud1nogQdumkNUIGitgpWEcckPuJD6FaHInL4x2TtxsFNmycFvtNRgp6yyJ75LJIBL4TthahY1DiIGoE8vkdbz5G9FIKucf1fdgMNGTMw1ZzNh_sk0eNSkhS73dPGnC707_lxK8k2uEdpVewK4YR48sFV3ZyFEYc7XNHkBSuS447nawxo56TXidrPM_5hkqq9OLiqL-kL5An2DimZEiZA17P5JSR2_56KHYUb30l0d6XeqbtNoS1VtV7nZbA_AZbW1E1Ap8seYmagq_AP3Updk-Otph9jTnbe2159dMq1eJtMKMKJv0EP0xJ3z6OWEjFOb-kGnThJeyFGdoCEl_q16_9HjdlfocRtbaKt4d6ezkuoqVEbEOD7KHxOAIk-0boDreECudBSFc2aoXvU_CZSLyD0G-cZ6Lz7NRjW-3WCx1jY2u_mA-jY-W9XyfCcLP21t4GYR5y7th_sMKUuSeFLb_UY4abayUdN9lRXAVG76DSHl3QPEDcZc60vmgr5Q3Cmb6N5YR0_ro93RAP00_EhFFVD17CSfzpt7hXsQWLK1jXH6cEP3WA67eMSqXa1XQ8C7tu-aBGUzigsmFyYTzNHwGqT6NEd99upu-lp08rH35rU4Co04MUKsxLn0-b2SPYu8abqZUkMIO5b3_k3N13tKTn2wN2ZJq1jnFIdgmPlj_Lvet_-0VM3Voe10-BXYOm3qDDSIO4nBVE8pLRTIvEdfNahXmoLc1h16JxBqvuOOM_cUECWxVZTeNfjnnPrk8D1EeGmKWNgYzRjUsSitvCKafVADVqXUmmzAMJmgz6S1oCfvit-_e2elCoYP6QWGD1k2FV00HRy_beV5O2pRcnxe9CSBw-GtFEY4OExxz-e0QfCzSHlv05wXP9BXxOI1PtNhBw9uYEzaxHUEY6sY3z02GdZBi0TMw83uHsDrWRxHQrW_g8RPSDfoUGj-bbOOrIs6UMq_gM5vDdBFzzCCIatzTJXu39rc8cwiz77SfWXs5s63mDXnQgIMhKgj1gfrJREaEdwwCPQ4FRNsiEUbnieoXkY7rjm7dwz_GpmZpcQvYrllhAhiCR8WUxIZstnfczX5CIp9dE1vEC6ujAUxrcSQ-SturuBKm3rWt1kUc2_FGT9V5ADKrbmQ1RIrP4Gu95pJAZBHMpgWp4wy8ZgBgFjaTt932F8p_ONC5c6MMcjAVDVDrSEUZiAZZIl_lEVBbVZC9_WyMVKCfJg3s1WobXKKav8qLCoFvhC-e7V1kPSVLeBk-ucwwEhzzCPyusbs3SwyJunp18xWW0HBQBsL8tFpA6vGl_Qso2b-vbah59kItW8ywLTCGIPQsV7oliFVKY2YPjiwYEp1mzxOGQno6oxPkRpChmTyXmMZegzthC_BBQQSOTLZAUBPndvptIZ5Pp4yikIJo7gkaTFx_uXRrSEkUJiTC53TqEzzHH73lO6lH0vORZUNb0KZdYBt3iSmMBu5SNWez3pzqL68VAGU2CLN20k1qaow1l9t633Rr1havAn14I5siSxvU7vddBlXhFxIWlJBcg5EY-RPcUQB_vxIguN9YDi8sW-TUFWJdRhX5yv00qhkHYytp0Wv1AX4bAYijtGPdMHuejfrYGeAOw0KQYdAbeSHAZEpS6cq4F6utcBW9N98VW7IT_AjiGisecOyvNm6FoguKE2bUjnAwO0SVu870SHDu2E3dr069MyoGGBqlwd-ywf-WUpIRhd_UHpiFEwPsn1YfTK8nYrw2Uuez804lJqhTBpb49_PdllQ1_zR_iqMvPHg_2-iM556o-EiXf29xX73Ad1l9rRGZg_hegQq-2aYTfbfArp_thISqE688sm92I57FRiPcGt_PF8Gx1ufilzOIh1ja55SCipSjcCz2f4vMS7MFYGnNiTPdr0DY-3LX0L8QSvQUCXeRuQzjY7yGsP86upHiuyjgQe4_elKCh7eul3N8X5U4xAqELPH_TlK97WBhAmExAqK9cINtNUJ9DHCyVdrxtMF5pJ-rLJnWVHLTustOjDXcs2u-xIGcyoW8yNzzBUp4BGQnmjCPCW0McKB40MaK4dv3jCsUXl1eh34yLfr5jxBlW1msUbo7VT3tmptC0jYDA8hrKVfU6jpJOeuml7TfpDxMbd5YHVO6CNeMfr7HQR9lwLUyWewZ9PwldI4Aiw6cOZCQpssvlQg6Khx8BkZQ0QMj_kPv_6tp5Z_6IAlKdrCPEHM6-FS4SF-JnC7Z3IoXZyajy3c80utl1w9q3MYWo_jhqDPBC75x8fmqbbG2OI_-1k1bOfaqjRbiftUFo6rDMC29eAsbLZKMs_70hfRu4xCoY-yTHvRMMPupYHIkDi45e5qIsugbjsUxzT47Wgh71e-Wfttn6JXUC4aZjWttS_jdObmfWIp5BWP_-JNQOSkSer_MaLEyBFoJOQOEscMGU_QSuAedzIw1Vby_rmRF4QHd8gEenFqxEnXqXG6iNfe7S3RAu5QQw23-Lh_G308_OTBNdnzcqujX5CgOjYbTs9Rv46559dbbWLqysLkS2Kc_ZAlZvYswwUo-A_Yu_WUDBxdhdtWM_180JAiuDaz01vAAbp2SLQHGb9p9rcw_vbEAfCPIcVCA_Mh9L1PqwtCJWdOkGFX_ftOaQnbx8kczjGAe33c-Juz6fAcaGKlRDnNP4jNzBhspS0OIj0Yww3k_WrUmK0YMuwYpAQZBUwmGIHEWugSPToJA_oqBePAQRYB_p_xwxpNiAk1qCDeeRconWTEPd1nW_z4o4PQY256Hmj_gRlGt-HS7AlIVFrUE_zflKxyJBQy4kLwR-ulGXGqnNl6pID9hAtIZpeAsHVHRNJzgsSORZkWfgUgTnIhJAIIDqBS8NFwoczOCjnVevn67ytdpM2HKNZ-2sFWRR3C540FdBXJZjel3kFJ5FlYZSSvnNBTouRsAjNKs7QthPGJ4E85mM3in-g5EtEsX9TgXmImctD4VpDp_wU5BIUzAEPKG5vDdt3QrTWy7ePoQwkYNHjTVZImyoTFG0eDh2MdJ8Cj0pcivFg25eE8UQjotW7G9lEsuU0UWzcLzwaCPbgNEPYOEu2kJskqjAMWWLzQA_lEoQiGVzLuVasB2T-D3RLPmciBQTz8Jem3M4w5uSwOPCoYU5G_GxL8SiVH6Waz6fjkKKBSyzwEzCZn02fWFcxXvccAET7iPoiY1qHc3csQ5VcEIIjK5_NPOkHJcK0KtS-xiQPZ1SajlIhKleKP05kfKfU0FgpEEgJb2rpPLt1KzsfzmAhMDLYIzLeZFSt9BDzarDM1IKN_d95qUGfQTQG2hRt7KBzpiYCEUeN6-22fsxVypP7yiKFXt8O9GEG-0TUOK7UWKT-IM2BlrZJEMyXGXtvL8GF9u89w_jb70xXyrmK2SxJIJndL2GZV_rEiSAtroLas6zZA&cid=CAQSKQDICaaNbOO9D5gEQK8ITM8QDPQ_GYKwK0X7CYNjRCqDl6caIj5SGQiMGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=12913962032983513000&adk=1761367587&idt=420&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c47084c2145d7331489565f6747ae1af154b70d0d3ab809451f0a76d031680f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12025
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A1D7 22 KB
8 KB 149ms
36ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 95898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 04:33:02 GMT
expires: Tue, 01 Oct 2024 04:33:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230928/r20110914/ Frame 5694 30 KB
11 KB 71ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230928/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUDj4EDXq2JJ1viaDgkwXmkCKMPRLvHups8iRfGVQvKiDT4JuLJzCMXsWTS6SziO7iC0ry07A5lU4_KAuQNfdwc8fVc62TlFQ24PkWASN_FmYB2VppdqPLMoCgDU-l8AgRyD1L51vcsD9pE1OEy39h9h3kZAgUMeWJnIt3JQNTwQDjpsM&cry=1&dbm_d=AKAmf-AJ8FuC-J0nVR2SDE6wRCis9mCA6JPtF79es8wOVvGLaqLx6QnuflU2bcVZ7l5xL4SSrlH-Jz-Dq2sLADto_IUX2gZFiZZjwpJL0E_ntA3ro77CsZfHUFnMSHEDeC5XCtGU5ZUQuP7nJNW0XyPDP6nTZpRPeJcWacvir-Rs4J0XIVK-MjWugOBF7VIFd1CYkI8P3WPZTqA_YfCJC3z_AlstZZqoZ_FLibfGmLlc6Q1M2q_hsYai_MX98wZIa7DzPmYRocd2EIxYGfL2LBqxCCVBT7JddYYuI2sXmP8Hfcy-bmxLox0LQIT8tXPgKr5Q5T0j45OTNpvvZP61RLkgJNrBj2QE82Q7k1_iRUm6pctnYW8XFPuLzFTo_RhogFNSKF8F5qCtbWiob8Fi1790CpvU3lrdoewoNOD-MIbo_Ov2r4zArgI5LGSrWTrqgpqLxFed8WnFTwABy1OYr7zSfBk1KTglP-wyrzXAHMmm_b7LEnvP50DK520oW8b2uN9t9A4F6DlwOYJhUyo5kgp9urYwtUAlUB1gY9CtZibXtkAHzqlR5kDIRo5haTTjtED7l-I5Ikl9jXFj-T51Uvqod8X1TLMdJgRiLw-kXB0DLt-CZicTt_Kkx5EmMDgIYAw6_HD0u5h7UAEBcmWF_t2EkjpJW_ExUgJqkQIv1_3ica2ApAM7WdfEpVwRLaapPjs8-hrx_gLLmSAUGW_EvUm_Nz4TOpR9gcVdAn4IF1R0_sXhl0Wesnx3etoYN3fKBvM3CjyjsjIL9kvHaywmPujJYoOKxzuhJbm5oZXpIte_gZR9bflTaQ4RmRC7Wk6bajcE1vP-q_bjVu3u-UktEeQGBDSOh7Tq-9WHO8pkYWZZLhS8As1HM6XbrH7hYqFtcexDegZtEtcvIpPvAbkkyM1muP169_L9YSKgx5-gkJk76JzX2gvBf7CcLudwu8cbuNdMq8V9xQvWwsNt0aF831V5CAXHLnkhGHdstFVbfqlj-GuRQIqxWuPG7pO1-xRJbnMuP-AfRjnEseANlyVTLSDpR1XIaY4rrH9FOtPqCk14ool8loBkWNG-mt0hSCTssaqxpYHgFYXMWDX2q2kP4Z9NMesCZw_O4doQNS0CGR8pTnpFnb3nYF7q54AMXK9SKzl3Ri5QJOVwms73I9qeO-pu22l2mRdEWkW09G8ghz3XqnXk0Yd_zSJkK9YqBXDhLjG8fN0jjQSDHxqq7hZb-fr-0x-OvrFmJ88tm4WhGN1a9mFQl4TEOV-worDzPQDw4qsyCvLHuFdB-DPpwgTyG3KFq-UliakyoZPPNv86th5QGeQnKvcZH6j8Cfce7jo4xbLoTtO_jB3ikJKSsak-f0kuTnOLYWHW1xjWtGDuzyCOU4r-dLmW7Ufx2wAiaPspjtF-6B-JWfpR-IBqGV4-LDRZLRTbwt6pNYk0NdfX1XxhRP7aIiabaiY-8qXwyNuXI6f98Z3W_BLjhrueLZRWGWosuB0i6uzEOJQPkjYQ9SeQ9MIPRiTwsG-MLamArZUWTbTGMUWnGbBtY6iQt0z7vmhZTogZRXEzWG71DNrbkHuyGimDgjb-mTcn2IU-1kCwaf3AugvJm9Ylw7oZImASRdeQfScCUrweyH1fN5S5Em2EwyLYTpE5g3jdM89yCaG5FslAxZuTgGxmVe_gKcAdH-DvzyXi8hUN2YLZnB4k_YUomEFRQXwLRQxvxaio3OB4GBzKQJe0YVEoRiKXXQO0wUO_X59k2vmKi8R27bDjWEYt9LTO3HhiSgiluAeaSC6_ONLrtSfkMh_U3hJ_cVBiSR_HY6MwP4pp01t1flLBmMFyoeDEVvq3D0LQTE4RH2CD_GGUWpvV1jZKrT6Fmh8AFBF1LgpAZki_wusMjXSwTElJhBEm213CyLklPb6JkO_DnXloiox2uRNbZ0o9JId71MMhZ7T_k41Df8YO5O2oV3P8pu4F2DLdfRkBPoYoFKhlEvinCMIB6q9gZl_t0oK6NcIKc5_kAnWGqX6sB_dTpbn3qVacuazugTIkGEyc4wQmTYglsZ3ByyutKzcQ-sae4sN6Gdvzz9HjJk8jgn7NlTvyeeyh3XcMlqOMHgRQKrIy0Is24Dk6-gC93hu1__g_az5fs6lp__GqZ_jjHkB8mk6ndKbkhJe7hO7giC9l7GmGuKDu9salKpNmvyLZzbYMbnc8RQ7D1YCqGFmqC-tsAFyhTyJ-VEp07WITz0biX-mWR9cHcTzTu-v6iHBzA6Sght2uvcGuiyjF1Y20Kv8EgS31Wv06sFd87ZOyoCnXOkbKGLOEZyImBtk0CW1qB9IX9YD4IpocWUnDBnXSE59sa4ZSVTKJ2-s9FWRJq0Sdrrro0OhoRPsMSiOU5VWPERW5_VyTXKQmQf-hl-JF_c0wIE92_c9abueC5g6fDPBHBScwXILHJBl0xtA6S_sa5QMqMSEP4eUtGmlsHhk7HAslfrcq_ReHDRveLn1XcrEYGeL3pSkgV7gH9mrPmAqD-2c7pz6ufyqVTq4w-f-6ktyUnJDzqM27nXLn9Fq2K9YrYf6S1t2TpalMTMgc2H_0XMu0q-r5nADbvPeXmk_LWdchubk2DL5ei2eHdwtE3qv4VM2uig0MERa0IPSxrzODc8-oK9Z8NKHuIRiHar_NhMAXUf8iHxWXurZxZWDdeVQrVHeV89P3dtZhgMZkU-uDeREdnJ8LwJqIflriBewhpuX8pSr6ukRwLqgy81AnYESBKx0OgpOjoc3s2mwGkI5Oq1EoE3O6SOtVraS4U4JUBvGfddv_SVz26mKZxt2eiQEqWq7vcXq-ZDbL_DU6XSHI2YQIBBrbH2gEpFVGjWSwI_JkLTm_ePBAEP1rFQ1sbA95BubZCIG9ujYS2iCAGDQ5UdRGCuhs0Ig9EqrYQBly__L62H6mzeEvoCSwNLMgnBoOJz8U0IDWg7g-MJ1LAJMt1hCyOkSMgTK5P7SLi3Of2WpwYHENE4QIKh1KT6ZsrZRB3vknedCMRHn17UcUQ_y8eEZwUx8PeU3Yx79bgBGrX5mEr-fYqabNYamkCBoEQmjw5MCFmRD-iIibnd4qDV49MFQY1GYB0w3kEPL9cipZOw0QGqGaumTYiJlYjJB5tJMB2Q8mTm6s6DHSp_EjlXMtJ2llR0pDRIldHTbW12Fq6Zx9geyACaOAygAX4xEQ2D9_GHtu1P9mlRarkdIZ3MeRKDO44W6ig_ttTWXBjLeXZsSGdT1POUtoVzPzQkpWg-m9dh7_uF7Yd-_W2sp1RvS14eRJnxVGbUCP6Nh56HbGHlkRoi8z_1gF9ASC1ZV_03R-r2eWVitBk0XX_GLwcZW0aS40-I7cJPcdTOMFwiFOYJH5zrqYFP5jZgistBIRxnuAD3SgoKmVzdOs9-l1X7wD9w7DZrp1ff98yejZW5w0kviZs15Z4UPVkJyZxvaqYAgh2CHXOSAR2K5_3v49&cid=CAQSKQDICaaNcOmHgVCzZxiPjzAqgcdllnwTXliZdn81BdUwoAN6Tgfi5i4vGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=4096156551671006700&adk=3676778483&idt=353&cac=0&dtd=31

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

464857ce2cd39f577e1aee4380de452b3032f2746c94be5b8d71508e0733ca40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 18:44:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11583
x-xss-protection: 0
server: cafe
etag: 13692823745828058245
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 18:44:23 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5694 41 KB
13 KB 93ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 346376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 06:58:24 GMT

GET
H/1.1 200
OK dvbs_src_internal122.js Show response
cdn.doubleverify.com/ Frame 5694 60 KB
20 KB 112ms
53ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=189093&plc=6688687&sid=18330&dvregion=0&unit=728x90&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0jZaNOYbwwmElwsowx5fhxF&c1=3060631&auorder=1012740201&aulitem=20200241964&aucrtv=495871122&auxch=1&pltfrm=1&ausite=1950747532517&turl=https://www.xgcartoon.com/&aubndl=&audeal=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 07:11:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 09:51:46 GMT
Server: UploadServer
ETag: "676309fe6e3823d28d9b38e6462bb025"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19669
Expires: Wed, 02 Oct 2024 07:11:20 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634099/ Frame 1331 250 KB
75 KB 467ms
68ms Script
application/javascript 108.128.53.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634099/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-5884294479391638&ias_chanId=1&ias_placementId=20338657638&bidurl=https://www.xgcartoon.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0idesWqTykOBv-D_eVrBY-6
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.53.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-53-154.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b4ca554e1ccf4f49af7aa357301e875fc590e268863ff9d9325abdb3c8f28d1e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:21 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 1331 111 KB
39 KB 100ms
52ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 21:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36428
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 21:04:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/ Frame 1331 11 KB
4 KB 160ms
139ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AR8H4lV5blWVFM9i0pA1-tmuKu-u-NC1Tc21UvTzbYu406aLOz25hYLvuzFr5jfOmPgd_0xSJU26rl8NFizcU8fSH8Cb9E6M3EmweoLbsCXtPUAuBdzwkMV0EHoCXzYnNGwJYV1DkdDS39DfqHyejeRfA3EgcWyGtOh0lLVxcDQBI4kDs&dbm_d=AKAmf-DuxPVuVKeYdloARLVVeifNqNO-2U_z-PiduTKCfW50vzY9C7PEG-Jw0e7a-FSO2AzeICSKqzbI2ynEA_3VzMgxmDAw8deJ-_r-6AXYZp9h-nRP2oEY5m60P36wcvSW0_LYdgluXZlXyMc4I8DBOoCQlSO-P9PhOj_Xj34c3iCjauvnNEFBjMIldFn8Vx6QfbCjKvQlkuZnC_TIq5rdmMyPbwXUJVWtdzrnof7mVPXLwDD3PfyjIta4ITCIAcNOSPT-utu8bLQfhO1tKGG52EIe2VHj16hC7SisquUOiQKrv4CJIp90hbX3f6SWc3F8k-jq91BLbnM6f2K-5nqxL0obc7k0ZwF-z4qhp8UBrayyztURH8wjxv6wmG_LIKgEyyivLk7LbN1QaIOLcRMgKO4l7l4bGJEaAZuxS601Qfv1vBY6oQcGxJrNzv70IRe9DcLbIX2Ly4cgjnJxy5jrJKcSh2rLtLNVCnVDyXYfZ-U2F-xSqz6ATNyJ6cQNA4SKW5Ehih_RkaturwR-0ew1iP0lVM9o4aLPfDI_frlRKK-zCXuIwkQCmHJGFntq3QOhco_KRLhKyVP_XIvwpJo0mpyWLmzfOq2uaNo2BBOSEvn0FG_WtR3gYgVYX3fXgoM4l27Na5nZkk75bWdjQzYSXFARgahafrqUN-_HBm_U8euKdo-soA1r9SMB_orhNsA160aalHq6WJuShPoPdBj1A3r8VHXPteyhrwvCp3CKcaon5f5I3-cDsmPwWbkoL-MWS4zRGYPS0O0IECcfdFRSncyuCaW8iveINpE9TXDhbj41BzuGw7m2Qsj7EU02GiglXDV9hXWrC5tZFmBWn_IMnmBCBSVUdwcqv-uY6ZqAbaH6VdYu786_NAkNw-KrbBiT6k1FPZyYP0VXio1h0fdB_vPHT_IJh-rjm09PaJshHKr7nrAT9FmRZPJ8aAQmHQu1o5R8PEEUkhPW3NyqL-L3M_589A0T_bA5oYKd3H3MKHaymPuK2YTxpgnh2zwo5s3-mSfBk_fP6qCu_ilxDkg_v-jkG3SluSFWhWMccMfoJudeKdno0tG67xF5TB6e5GvV4c_rsOEu4AweXUzYgYpLMANECWBT0sgUcqC0Lmms_t1uQEPbxjY5MLgZ_tvP7su1Bbe0H5DyxdDZRw_yeow7j6fJnnXxJt6Mh8zr6E_U8EQXl67Jrz3U88lazRn199Y0AxtwzhDDB5tScxyIHf_wu_noYTV0dNJaCvN8JCguZG_KXp6VmqHGY2nYbmmKkVJCjRoyAEM0VGN2hwZoKcje8uiaHKwtju9zsg3lFWDAI07B4dZA0ODSVd2pyi8iD40LXHCI4tiB6xjWdraAbgUTXzz3T6NCQw4dBRa8Jlghrr4WwgGd4kBHbFxyQHgIqcr09hiGeFyRTnCK3e6jKGa7FKghdiKuMzTpbktYVOIS6d62kjKqVnFIKbyphQZlDBE89KSnCgjKngR9ULyusFQ93_1OQ-5e-lHpPTMbrzOkU_Ls-rNPuaTaODsq3P4Kjnoz5n9op8Q4t7Y2CPLtSkYpvRI0_t4hqX5oTTWMTUBq8xuzUDmUQ9mt1qY3ZBy0nPP2EdXfc9kr-NMlxt-VU7Mwj1Ql-ikN44FUcnHz2V4eym0ybG5gBfITl5BbXMGU97LwMvaqjAHCiaL5sLhXV2XbidSRLySubYiJuf9mlVMyHVewar7aAgE4flXP85gEnK5lH7b6UQRWM3nNg_n-a-YGz-U8_xvQHauS2OeMlssWIpn2qGWzv9DJ_nTNmm9wAY3XERA9FRakiELu_AF8UciVcyvqVKdvnZxflhQj88sgKXyvJx9ZvqpAqtfV8bKQLPVcHducb2M8L3tmuQz3v_qtakwh6tVPxB4L6CNS5o7p2gxy5-v6j15AyKjiATCsXVODEYt4GucrZmkEhtJ3b-EQ-71N0XQOao-Mmyf28PUl_rzBLFu7ppNv4bwuAXeLwiBVDFqFtQJefBs9XSsCxfIIIODscGRnS2MZ9tt-EubyND6GtV4mttCyqYp6xc1IcygxMtu50OOwBaMIWtH6LrfXhXHvsnl2tkUAJl5zY4tOtjDP0AwXGLG1tbuvJ6flMNsXNgkp01JPiZgillKBiz7uZcrpbPZHkm_q2loerL4GFJDS3VYVcgWna10SWmK2rODJOmywg5qOojBRVEk-agDLsgW7g_35wUpKjshdEZtetWKb7RJ-krcznKPGG-CijAT4efLgF0RZIEURbc8aOjqWuLqB5DfjJ3DrNaoQ4l9lh7GWi66SgOkCf-vD7r2hnsPNBaPYfsvj-tuvf1AiLFHTHCKSrHnUANU_W22EUIEdQefqymEI6DadfBEgvI1uRsMZ1Ogu3_YHzQMBqn0N_qtWkUCSOMYFhp173A2X_x_vBICl_O97J-msonNKCy-2wMG7lw_YwFoDj8C5weHVHUZE9nimkd-4S_TlN8Gckc0xWEuKl2Qh7tmuuBzdR0AwlyjUwYY3Uw9eby2FQrmGgJh0b5N8lO4zKQ-DlEgGaWSys9ebKEF4IUpqlvNWdiKGMDx6NYC8xv2djS0yWGvkI7LLGI3YtfbFwZh2B01JjFH0BquSXiBqfjmT2G2O5MnzjzJ992N1qu5-ipFLGmMVbsP8m52Fk3YU10-F_kJqh1Tat7PneVN_493V1oLuus4nZaXMSW-Elk9VzVzj6E4Ph9jlxtXOAE3Q16sJAHr0WZuI_J3RNcCyYtrGEHOyrplScFDkT8SuvCCSP6HSVxsb-WLvuvNe-U1TEUX0U77egZcQUTmQcF9ZKkgb-Wf3ywhF6txa6lxfLx6lmwBDhMJVO7vUJ4DdOlR7qjvf6LeWTGsn3rFc3-lmPcUw8kpPCc4hnPIJ-ZeqEAspx9psFduif_AFv0jR8dfi-UBfYpycMS-t5hZ6Y_M8GZVee_N3weQ-zjPghI4le_T5CRkS7akc-UD8nnyyeSdCWl3qgkH_siYUvEufv64tXxRyFqgP1WBi58AwvBvB7AQv6B6dfh0ghoQhKbJRvctYwCO5hobt_q0YEhRPAjjbGyU9gpMIgHgL5W9Op2BCJg1X7sFaoFUYqRtFBaNqX6OutYB0xUkhmLJ-_cqaiJ7sjHDaJuxQQoEH6wBGRBFwaoTOgy_VSQ6ccqAPOFoou_og_fLeAhJ1bdkmg7rFi8ZGUQqSzcguIi4Tb_WbhaFuPlxwXGjwSACxJABdy2TMGK7ruflyvkyR0LM4IZekaztOrFsgoJQ7odRV_rhk_OXY4v4qV_hLcor1q6Hubg1HN07G532XZKGefcUTkAq82SGkTgdxd65UYr71AXEf-ukpkckQWCD7A6SEqenIYqqsW-TFdDahbrRVBLtwAEKHHKUC_C8-rkAMBtWHhjSXa37Idib-eK5EwQ31Ywmc3Wdjlv5b8mvA19SzwdBiug6GJ3Nhas4KKQET-VvBggBSC4hQuh_2bUxqHhMp95MuGATAdZ6V-aNL9_c2riGWuUU9jwXML0JmYu5HBJQmyAIz_-qX8GCRwBlY2l3uqVkLUuDfwZRsoHOb7oic0tXWdMjTv9Zzj5L86t1z4NALSoEboujierjQAWLw9RZN7tgFOzOTz3kxDKjSAc0orxjT0yDKNPKuy0GJmEsbzAASdflAqwu7rizQ&cid=CAQSKQDICaaNHozGcsE2OM746IfwqAIGUso3P1hFgGrxGzmWTs3vs7vngR8VGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=9386516278330325000&adk=2124396030&idt=412&cac=0&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:43:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48448
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:43:52 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230928/r20110914/ Frame 1331 30 KB
11 KB 176ms
154ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230928/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

464857ce2cd39f577e1aee4380de452b3032f2746c94be5b8d71508e0733ca40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 18:44:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11583
x-xss-protection: 0
server: cafe
etag: 13692823745828058245
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 18:44:23 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1331 41 KB
13 KB 176ms
155ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 346376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 06:58:24 GMT

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/ Frame 8D02 5 KB
2 KB 167ms
50ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616b91fa8689c699973302a45e06d632ec678a897662acc077dbe892490651e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 20:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 556991
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 14:55:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Sep 2024 20:28:10 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/ Frame 8D02 2 KB
779 B 210ms
62ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6653c7243a2cd4f5c0fb5eb1b8887f00909f737da004eeca80fec1663f20639c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58439
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 14:55:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:57:22 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 8D02 120 KB
41 KB 206ms
58ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 08:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81978
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 08:25:03 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8D02 57 KB
23 KB 281ms
147ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 07:11:21 GMT

GET
H3 200 blank.png
s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/ Frame 8D02 927 B
954 B 67ms
66ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/blank.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:49:44 GMT
x-content-type-options: nosniff
age: 346898
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 927
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 14:55:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Sep 2024 06:49:44 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/ Frame 8D02 25 KB
10 KB 244ms
105ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10657
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 14:55:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:57:22 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/ Frame 8D02 2 KB
878 B 67ms
65ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

249d04c36cba15f88db5b78c963c3d8c638e2c35423c5f5feba0b431bfae8859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 14:55:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Oct 2024 14:57:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 62E5 1 KB
649 B 78ms
38ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 83756
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 07:55:25 GMT
etag: 48472445140208031
expires: Tue, 03 Oct 2023 07:55:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame DA10 41 KB
14 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIiBgCw7yQ5AwYTZrUzc3kxnonRJ6jfkyNBu0mDXEBP5klKd_yrWpxr5GGz85A5NXzMAV8VzkdQbC6Vk4gBxmG3E9R9d5hT52kAuBUHK3_POs52exrkh5LbwkGHjajUNeeMH2vUFQmPHV0pzaJF-VgUxKgQl42yW--WfF6HWrOjmOD3iY&cry=1&dbm_d=AKAmf-BLskY1EpILrZhh3yPh8OTcNmGQ8VaEG3CRyGLVCz4wbDG6Bhu6uiWc3Ie6wPd2Ku7AXzohx3EZMGwQrs75nY9T_1H4nufDY6Og3jhV7EVuaFPN-87SucfQdEegBio9Vt2M6IcY0nlDbTDH5jGBfN33-gE5B3J2h3fya5S2Oobr__B0Ac96O0_H9WinWO0seEYqfQdrUcoAC-_IUzvrHxBtDQWtj9GtZaCopY277HBJdZaDor3tlgh9cTOhQgEPdvzDJ5QNXeqcxrWcVBVSGYn-uiud1nogQdumkNUIGitgpWEcckPuJD6FaHInL4x2TtxsFNmycFvtNRgp6yyJ75LJIBL4TthahY1DiIGoE8vkdbz5G9FIKucf1fdgMNGTMw1ZzNh_sk0eNSkhS73dPGnC707_lxK8k2uEdpVewK4YR48sFV3ZyFEYc7XNHkBSuS447nawxo56TXidrPM_5hkqq9OLiqL-kL5An2DimZEiZA17P5JSR2_56KHYUb30l0d6XeqbtNoS1VtV7nZbA_AZbW1E1Ap8seYmagq_AP3Updk-Otph9jTnbe2159dMq1eJtMKMKJv0EP0xJ3z6OWEjFOb-kGnThJeyFGdoCEl_q16_9HjdlfocRtbaKt4d6ezkuoqVEbEOD7KHxOAIk-0boDreECudBSFc2aoXvU_CZSLyD0G-cZ6Lz7NRjW-3WCx1jY2u_mA-jY-W9XyfCcLP21t4GYR5y7th_sMKUuSeFLb_UY4abayUdN9lRXAVG76DSHl3QPEDcZc60vmgr5Q3Cmb6N5YR0_ro93RAP00_EhFFVD17CSfzpt7hXsQWLK1jXH6cEP3WA67eMSqXa1XQ8C7tu-aBGUzigsmFyYTzNHwGqT6NEd99upu-lp08rH35rU4Co04MUKsxLn0-b2SPYu8abqZUkMIO5b3_k3N13tKTn2wN2ZJq1jnFIdgmPlj_Lvet_-0VM3Voe10-BXYOm3qDDSIO4nBVE8pLRTIvEdfNahXmoLc1h16JxBqvuOOM_cUECWxVZTeNfjnnPrk8D1EeGmKWNgYzRjUsSitvCKafVADVqXUmmzAMJmgz6S1oCfvit-_e2elCoYP6QWGD1k2FV00HRy_beV5O2pRcnxe9CSBw-GtFEY4OExxz-e0QfCzSHlv05wXP9BXxOI1PtNhBw9uYEzaxHUEY6sY3z02GdZBi0TMw83uHsDrWRxHQrW_g8RPSDfoUGj-bbOOrIs6UMq_gM5vDdBFzzCCIatzTJXu39rc8cwiz77SfWXs5s63mDXnQgIMhKgj1gfrJREaEdwwCPQ4FRNsiEUbnieoXkY7rjm7dwz_GpmZpcQvYrllhAhiCR8WUxIZstnfczX5CIp9dE1vEC6ujAUxrcSQ-SturuBKm3rWt1kUc2_FGT9V5ADKrbmQ1RIrP4Gu95pJAZBHMpgWp4wy8ZgBgFjaTt932F8p_ONC5c6MMcjAVDVDrSEUZiAZZIl_lEVBbVZC9_WyMVKCfJg3s1WobXKKav8qLCoFvhC-e7V1kPSVLeBk-ucwwEhzzCPyusbs3SwyJunp18xWW0HBQBsL8tFpA6vGl_Qso2b-vbah59kItW8ywLTCGIPQsV7oliFVKY2YPjiwYEp1mzxOGQno6oxPkRpChmTyXmMZegzthC_BBQQSOTLZAUBPndvptIZ5Pp4yikIJo7gkaTFx_uXRrSEkUJiTC53TqEzzHH73lO6lH0vORZUNb0KZdYBt3iSmMBu5SNWez3pzqL68VAGU2CLN20k1qaow1l9t633Rr1havAn14I5siSxvU7vddBlXhFxIWlJBcg5EY-RPcUQB_vxIguN9YDi8sW-TUFWJdRhX5yv00qhkHYytp0Wv1AX4bAYijtGPdMHuejfrYGeAOw0KQYdAbeSHAZEpS6cq4F6utcBW9N98VW7IT_AjiGisecOyvNm6FoguKE2bUjnAwO0SVu870SHDu2E3dr069MyoGGBqlwd-ywf-WUpIRhd_UHpiFEwPsn1YfTK8nYrw2Uuez804lJqhTBpb49_PdllQ1_zR_iqMvPHg_2-iM556o-EiXf29xX73Ad1l9rRGZg_hegQq-2aYTfbfArp_thISqE688sm92I57FRiPcGt_PF8Gx1ufilzOIh1ja55SCipSjcCz2f4vMS7MFYGnNiTPdr0DY-3LX0L8QSvQUCXeRuQzjY7yGsP86upHiuyjgQe4_elKCh7eul3N8X5U4xAqELPH_TlK97WBhAmExAqK9cINtNUJ9DHCyVdrxtMF5pJ-rLJnWVHLTustOjDXcs2u-xIGcyoW8yNzzBUp4BGQnmjCPCW0McKB40MaK4dv3jCsUXl1eh34yLfr5jxBlW1msUbo7VT3tmptC0jYDA8hrKVfU6jpJOeuml7TfpDxMbd5YHVO6CNeMfr7HQR9lwLUyWewZ9PwldI4Aiw6cOZCQpssvlQg6Khx8BkZQ0QMj_kPv_6tp5Z_6IAlKdrCPEHM6-FS4SF-JnC7Z3IoXZyajy3c80utl1w9q3MYWo_jhqDPBC75x8fmqbbG2OI_-1k1bOfaqjRbiftUFo6rDMC29eAsbLZKMs_70hfRu4xCoY-yTHvRMMPupYHIkDi45e5qIsugbjsUxzT47Wgh71e-Wfttn6JXUC4aZjWttS_jdObmfWIp5BWP_-JNQOSkSer_MaLEyBFoJOQOEscMGU_QSuAedzIw1Vby_rmRF4QHd8gEenFqxEnXqXG6iNfe7S3RAu5QQw23-Lh_G308_OTBNdnzcqujX5CgOjYbTs9Rv46559dbbWLqysLkS2Kc_ZAlZvYswwUo-A_Yu_WUDBxdhdtWM_180JAiuDaz01vAAbp2SLQHGb9p9rcw_vbEAfCPIcVCA_Mh9L1PqwtCJWdOkGFX_ftOaQnbx8kczjGAe33c-Juz6fAcaGKlRDnNP4jNzBhspS0OIj0Yww3k_WrUmK0YMuwYpAQZBUwmGIHEWugSPToJA_oqBePAQRYB_p_xwxpNiAk1qCDeeRconWTEPd1nW_z4o4PQY256Hmj_gRlGt-HS7AlIVFrUE_zflKxyJBQy4kLwR-ulGXGqnNl6pID9hAtIZpeAsHVHRNJzgsSORZkWfgUgTnIhJAIIDqBS8NFwoczOCjnVevn67ytdpM2HKNZ-2sFWRR3C540FdBXJZjel3kFJ5FlYZSSvnNBTouRsAjNKs7QthPGJ4E85mM3in-g5EtEsX9TgXmImctD4VpDp_wU5BIUzAEPKG5vDdt3QrTWy7ePoQwkYNHjTVZImyoTFG0eDh2MdJ8Cj0pcivFg25eE8UQjotW7G9lEsuU0UWzcLzwaCPbgNEPYOEu2kJskqjAMWWLzQA_lEoQiGVzLuVasB2T-D3RLPmciBQTz8Jem3M4w5uSwOPCoYU5G_GxL8SiVH6Waz6fjkKKBSyzwEzCZn02fWFcxXvccAET7iPoiY1qHc3csQ5VcEIIjK5_NPOkHJcK0KtS-xiQPZ1SajlIhKleKP05kfKfU0FgpEEgJb2rpPLt1KzsfzmAhMDLYIzLeZFSt9BDzarDM1IKN_d95qUGfQTQG2hRt7KBzpiYCEUeN6-22fsxVypP7yiKFXt8O9GEG-0TUOK7UWKT-IM2BlrZJEMyXGXtvL8GF9u89w_jb70xXyrmK2SxJIJndL2GZV_rEiSAtroLas6zZA&cid=CAQSKQDICaaNbOO9D5gEQK8ITM8QDPQ_GYKwK0X7CYNjRCqDl6caIj5SGQiMGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=12913962032983513000&adk=1761367587&idt=420&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 459584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Sep 2024 23:31:37 GMT

GET
H3 200 VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js Show response
pagead2.googlesyndication.com/bg/ Frame B8B4 38 KB
15 KB 186ms
186ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5461f598a49fc581c376c4a8f9b5e7144c11624e5761735a4cadc5f19f1c9e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 559989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14820
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:12 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F15B 22 KB
8 KB 75ms
59ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 95899
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 04:33:02 GMT
expires: Tue, 01 Oct 2024 04:33:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK etoqsikfebn1 Show response
hal9000.redintelligence.net/zone/ Frame DA10 11 KB
4 KB 527ms
94ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/etoqsikfebn1?subid=&gdpr=&gdpr_consent=&rnd=1696317079614768&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_8tjl74bZfDCJbuqxdwP9-yOuAOm5b2gae2NnKfJD_AuEAEg08vOMGCVAsgBCakCcQ9KO2mUsT6oAwHIA5sEqgTqAU_Q2AgKIUV7gOopRNdHUaELljF8gWkABINvF9ExfPMCbpPKyG3gvty5Y_OkujjO_hLLZKYMNb3lg9n84gVxuY7x9YVjG-zhFFFZK3Zkwa0N-sVH1avCadz429k8_wWY0bJfOC3KCOLhifV1vnfFgkFTa2V78RzcEhnlpQ5SZrDSpA1A7_wAA_5Qu0ygyWF2G0W58Alvdym4Kr6WgW-Nqzh3EztzxsA_rFwidLf6JNpqydr34q4Ez1iGAiNGyLvAKz72xL7yAoi45CP8qjFIApMkYo24aVU7z6s5m0sskEAB1PwnBfTLMYkNpsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIsOrTx6nZgQMVO1WRBR13tgM3EAEYASAAEgLd8vD_BwE%26num%3D1%26cid%3DCAQSKQDICaaNbOO9D5gEQK8ITM8QDPQ_GYKwK0X7CYNjRCqDl6caIj5SGQiMGAE%26sig%3DAOD64_2kEiAn3fjGBUAo8vnyAfbWmD6sGQ%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Dhp4OVULcIk4iOAfx0d0KWlsEwQTQH45wZH94UFSN6Mzrnr1r3nFBIwtpZ960RU8BliYud_-Qu1yuVHggA7yWgVzYkoRAUsb3AX4UKiab3Y0KlbCUgvbhPEuGAGS85Eaiu51Ibvgt9W9FogLnrNvuemuVQ3BZ33uPKxM_cAOvdZWrtbgQ%26cry%3D1%26dbm_d%3DAKAmf-Dz7N5lAGp1gUGJs5IRDI-2NZrmk05SYB9mDANBpUaZqAdEJrmOID3YRBECRzBytJ1NM7dClGdYRqIA0igudr4VJOzWzDWxZta0P5zTlcqbA7TUPw_FnJx-qdm03w2TJfG7VCrC7BGKR7d-j2nPLy86-WzYa-Mv79LCHv0bA02oNHTgsm_WsLzu-yzfJGh5CBLtTOKk1nYVVzYwvGjh_OqeuDdlA7xYsQ9hzD5TyNguNOu60i59V1bxzprq7htPDeVNAs58-hcaOQOE6zUPs7UOlDMLtuIttPYGeE4a4MFQzDIVYSE4uhXsJhdW71RIev2ObJ79gzF4flJgBcrnKL5hXfuw2dOvjUksAG0tlCZXDm-lE7wrBOzgJRUr8W78VArVhIPq4fwLiiFV0XIj6_GDXh-MxEmyZxZ5MQC9HdgpYFliLt5Yxl1AyOm6U4xYwI2BE3Ehu42olzzsDWHNeFsBfFozZTpqGj_HQv2WiyFCAtl697HZYsu4-hH12X7QqMRlOw4VQpjchYDMBE4AOwyxMocSiMkOOtopWbHBArwK1sK6tPM%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: 97765ef819612e7f3fdd6f5b27ad853e12036246bb6da4697a972722cdf1ade9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 07:11:22 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4149
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js Show response
pagead2.googlesyndication.com/bg/ Frame A1D7 38 KB
15 KB 239ms
172ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5461f598a49fc581c376c4a8f9b5e7144c11624e5761735a4cadc5f19f1c9e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 559989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14820
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:12 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 5694 1 KB
924 B 241ms
101ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_451376207622&jsTagObjCallback=__tagObject_callback_451376207622&num=6&ctx=1828362&cmp=189093&plc=6688687&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=451376207622&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=3.50&dvpx_strhd=3.50&brid=3&brver=89&bridua=3&dup=null&ppid=103&auevent=ABAjH0jZaNOYbwwmElwsowx5fhxF&aucrtv=495871122&auorder=1012740201&ausite=1950747532517&auxch=1&aulitem=20200241964&pltfrm=1&aufilter1=3060631&autt=1&c1=3060631&turl=https://www.xgcartoon.com/&srcurlD=1&ssl=1&refD=2&htmlmsging=1&tstype=128&prr=1&aUrlD=1&m1=13&noc=4&fcifrms=5&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=169&eparams=DC4FC%3Dl9EEADTbpTauTau%60ge37fc%60g4h5e3_f%605_hb7%607a25%60473g%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DI842CE%40%40%3F%5D4%40%3ETar9EEADTbpTauTau%60ge37fc%60g4h5e3_f%605_hb7%607a25%60473g%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6EU2%26C%3Dl9EEADTbpTauTau%60ge37fc%60g4h5e3_f%605_hb7%607a25%60473g%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETau&dvp_exetime=168.50&aubndl=&audeal=&callbackName=__verify_callback_451376207622
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 0095c5c997bf8ac947b4431bb1ad40dbb1edb9df83d325cb47028a686fcb654c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 07:11:22 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 10/02/2023 07:11:22

POST
H/1.1 204
No Content bsevent.gif
rtbc-ew1.doubleverify.com/ Frame 1DB3 0
345 B 371ms
46ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=bb9889e577f344e1959814025e577aae&vfdur=531&cbust=1696317081904643
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
Pragma: no-cache
Date: Tue, 03 Oct 2023 07:11:22 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-10-02T07:11:22

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 1DB3 24 KB
10 KB 243ms
104ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 06:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9959
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 13:24:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 03 Oct 2023 07:38:32 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4DBB 22 KB
8 KB 164ms
76ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 95900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 04:33:02 GMT
expires: Tue, 01 Oct 2024 04:33:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1331 0
25 B 155ms
128ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BGMxmmL4bZaLyHubC9u8PqMWqqAQAAAAAOAHgBAI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17425118478164857034/ Frame 064B 144 KB
23 KB 70ms
33ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17425118478164857034/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c38c9c0ad13cfe2d9e7eafb46ae69f40fa031efce5570266087babf59a7660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 355855
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23058
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 04:20:27 GMT
expires: Sat, 28 Sep 2024 04:20:27 GMT
last-modified: Thu, 24 Feb 2022 10:20:47 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1331 0
0 126ms
87ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvypD4e1kLqcNT5vfPZU4dNx3cSkAZXhOjjGouvLz4YHqB3gqBHh3ZK1AEOReWVpu5LkTdqNhyZt8DRC0KcB7ElqcjwUmHCYeMUm_41U3XIsa-FnWLg7C0DMB6fEsxFcA0UY4tl-sf3zC3LKAhE3ZtfTxIqk3563P_Naz4sGmqbAWbrlPjbq2fMZKn-VHQ-U66tQWlrjAP17ohso7NgpQ9bVJFvb5C5jOf9NrJL5wq8h7oFljvwbNJQHJxvth-IkEE63YzfmnS5pqRTyahYRC5-G5dYI-Jo_RhA2Vlnhv2wkwbHJsJhHcoi2Ht5KmkfVM7dhvZnDr8r0na1Crh2os4GHSkVl0i1s0cutrCjQqNmOkYLKGHqkkNxEOH1_jtx6D7wuVqGCnwcj0LpWEmbWvmrg5bLK7Mgv1qzkl8c691ShySItqLt4zVN6TKFL3vldEyv58LHwpULlAqkbzJbFoXqfcbZdkVd9RD6CcxGrXy0iW1RbEdg6M8y2oJpSdp3HEboTDN3zsyTs_vd86kQ9MbOS0CL-x24J9PzhPSWp32aWkPvi565uevO4m1o8orSiFfHuGr8cgyxwfaIBCvzcvt97Y42GlNyMsdVNMq6rohSZay6Nn5Cq9zhUmEqJ5ZsbvEAgpKq4Eh1s2Irl4gG6ParCEf-Nkkl54aozM1GyGGXwnC5r9m8KNSw_EBSwRUmkmKcT3RDT6pUlsV5Wce0DSrD4yA8VVEwoTQRDuwH_DPMp6mSmKwA1EtWGSS-UVS3XHxHC7vy4P_fauyWBGdXbX-yFzgfFdxCkLUASrmA-mw8ewa6WNOJ8yyZcZ7BZMXo9bYZZSMuD-ZZNNj5YipJm_e0pfoMUsTuNeI0LRxN_eOWMEwnbmnqZ77CgOKETrX1S5SFedHwEd_Xq4ExxRtQw4ov39FCgy-wkYNXePKOU5fO7-U6HJHPrXW-Q9ilXNA993whQ-xfaD7U5iZI-p6u1WfMzWIK8Y6NVsSS7fBX97NZ3lhCQ__aSyW07zOzgGoKExftYYegPfLGwxHjxy40iGEsGsi92SW09XQK6j8etnwf0BmNozCq1Ma4W3TwnXavfiZtMpxe6wmVBjWw8BulBeCeb6kZLKZamnZvu24fSk1tBOmNs-GHC4ReQOx_PRHGsF5OJPn5f0o8TrVV4Qzp1oApEhEnEy76zuB4_fgp6wKtYohRJbJcjOtoCYCdZOwD-eYj04t7mtTr-WN6iTuHhJBLceVe3W9rwlqVc_aAznDD9R3_DqDq3vavqcPVg-uVO0D4VHkKUQ8a4YQzq-6VXlo&sai=AMfl-YTXOzufbz8-2mqP3D3i8WveKzN6C5GgKLtUF8xUZlD653VyhtX64PcEpBGkoYK8gAeHLJ3ahpWRMRI2NyjjKoNxXZvnDn4wTKcIRr4w0FXtIcPgu6ie0flw9QHthoZ3dTyxGYYB_dYiwlWjEmHBe4_jJdhfPccxPawT5G5b5BjMAJ-iMtVnakiKDiUW-1l4VqUvy36hp0ou&sig=Cg0ArKJSzA6Te20PfQSTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1501&cbvp=1&cstd=1477&cisv=r20230928.72677&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 07:11:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 62E5
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1&google_push=AXcoOmRyScOqMicfLB8_ucPPqA5Anrqx_0PGovAFzmcNHE4uSIdmvR2-UkWIsEOZpUwYoVVJEot45K7p2sOVYKqn233hSgK5imk
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODM5MTQ4MTQzODk3NDg4MTQ5Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1

43 B
398 B

49ms
48ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078053&bpp=544&bdt=893&idt=1273&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3184721645&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C31078200%2C31078363%2C44798934%2C31078421&oid=2&pvsid=1194333735167736&tmod=2027453976&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rfqukalz123n&fsb=1&dtd=1296
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 03 Oct 2023 07:11:22 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62E5
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEDAQaYdf9-W6qzR-cgyGa-c&google_cver=1&google_push=AXcoOmTNBfSH7DLViy7NdGIpAJnv_HydR-frZz3AwEVztJR5-lRF4vLiYaYaDMpbeJ1iH7y1P2tjA5qjq9hugpfKpW7ASjyF56U
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=720EB514B20A488FAC93663AA87B997D&google_push=AXcoOmTNBfSH7DLViy7NdGIpAJnv_HydR-frZz3AwEVztJR5-lRF4vLiYaYaDMpbeJ1iH7y1P2tjA5qjq9hugpf...

170 B
188 B

46ms
45ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=720EB514B20A488FAC93663AA87B997D&google_push=AXcoOmTNBfSH7DLViy7NdGIpAJnv_HydR-frZz3AwEVztJR5-lRF4vLiYaYaDMpbeJ1iH7y1P2tjA5qjq9hugpfKpW7ASjyF56U

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 03 Oct 2023 07:11:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=720EB514B20A488FAC93663AA87B997D&google_push=AXcoOmTNBfSH7DLViy7NdGIpAJnv_HydR-frZz3AwEVztJR5-lRF4vLiYaYaDMpbeJ1iH7y1P2tjA5qjq9hugpfKpW7ASjyF56U
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 02 Oct 2023 07:11:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62E5
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECF1QWT-bNb76wVs4LLzTj0&google_cver=1&google_push=AXcoOmShKKW9SSbDVyqDgLLrFqurQIlT0Ezn5bEIN8SoYK3gZ3YTsX2_6a1jvY575mtjBglhNQQZTNi0Tq4b47...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NTYyNjM5MDg1MzU4MDk0NQ%3D%3D&google_push=AXcoOmShKKW9SSbDVyqDgLLrFqurQIlT0Ezn5bEIN8SoYK3gZ3YTsX2_6a1jvY575mtjBglhNQQZTNi0Tq4b47piIV...

170 B
188 B

40ms
39ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NTYyNjM5MDg1MzU4MDk0NQ%3D%3D&google_push=AXcoOmShKKW9SSbDVyqDgLLrFqurQIlT0Ezn5bEIN8SoYK3gZ3YTsX2_6a1jvY575mtjBglhNQQZTNi0Tq4b47piIV5RMwmZbyw

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NTYyNjM5MDg1MzU4MDk0NQ%3D%3D&google_push=AXcoOmShKKW9SSbDVyqDgLLrFqurQIlT0Ezn5bEIN8SoYK3gZ3YTsX2_6a1jvY575mtjBglhNQQZTNi0Tq4b47piIV5RMwmZbyw
Date: Tue, 03 Oct 2023 07:11:22 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 62E5 43 B
363 B 363ms
57ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQgdytJi063LH-ZWyq04fEII4nliRONxU1DNj7yofgbDQKglVlwR3RPaqTpsYpr3Bi_Ph44YfR86v9T6vW4OqAEMKakRjw&google_gid=CAESEGadWwqL6rrqwSv-NcXBdDo&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:22 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 184545
expires: Tue, 03 Oct 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62E5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGVBTlxLgbqz52rwmzEnO_g&google_cver=1&google_push=AXcoOmT-2jgDsTRvzoigc-UUJidGvZVv7KYtL91y27ATWUoetDelYW8yCg_gsezatyGR_7z2rB1...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE45WkU1VVQtUS1GN0c3&google_push=AXcoOmT-2jgDsTRvzoigc-UUJidGvZVv7KYtL91y27ATWUoetDelYW8yCg_gsezatyGR_7z2rB1LN6kckjqMSUeJo9uskuxSMA

170 B
188 B

45ms
45ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE45WkU1VVQtUS1GN0c3&google_push=AXcoOmT-2jgDsTRvzoigc-UUJidGvZVv7KYtL91y27ATWUoetDelYW8yCg_gsezatyGR_7z2rB1LN6kckjqMSUeJo9uskuxSMA

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE45WkU1VVQtUS1GN0c3&google_push=AXcoOmT-2jgDsTRvzoigc-UUJidGvZVv7KYtL91y27ATWUoetDelYW8yCg_gsezatyGR_7z2rB1LN6kckjqMSUeJo9uskuxSMA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 402fba8a82f093def2459220061c8d31
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 62E5
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFjQDDeTia6ExhVOaKejzmA&google_cver=1&google_push=AXcoOmSmtKVWAw7roFntc6zUoogV-f_-ZupBdo2mNNwEepDqOTUEOFkhi_nhUOW3bZ6MmG2NVo7m-6...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSmtKVWAw7roFntc6zUoogV-f_-ZupBdo2mNNwEepDqOTUEOFkhi_nhUOW3bZ6MmG2NVo7m-6PMnck3i825alOaY8To1AE&google_hm=NDQwNzg1NDI...

170 B
188 B

45ms
44ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSmtKVWAw7roFntc6zUoogV-f_-ZupBdo2mNNwEepDqOTUEOFkhi_nhUOW3bZ6MmG2NVo7m-6PMnck3i825alOaY8To1AE&google_hm=NDQwNzg1NDIzMjYzODY4OTIyMg%3D%3D

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSmtKVWAw7roFntc6zUoogV-f_-ZupBdo2mNNwEepDqOTUEOFkhi_nhUOW3bZ6MmG2NVo7m-6PMnck3i825alOaY8To1AE&google_hm=NDQwNzg1NDIzMjYzODY4OTIyMg%3D%3D
date: Tue, 03 Oct 2023 07:11:22 GMT
content-length: 0

GET /
csync.loopme.me/ Frame 62E5 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 62E5 0
12 B 93ms
79ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JqxG8cq0VsBHXpCDIHyettTOX3iKLqVxwH8OonFu9uNs0aEZKW4EdfaAnpteajlFkMUH3mUw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2176 38 KB
13 KB 89ms
81ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 91612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 05:44:30 GMT
expires: Tue, 01 Oct 2024 05:44:30 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 1331
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634099/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-5884294479391638&ias_chanId=1&ias_placementId=20338657638&bidurl=https://www.xgcartoon.com...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

62ms
62ms

Script
application/javascript

2600:9000:21f3:5800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078053&bpp=544&bdt=893&idt=1273&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3184721645&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C31078200%2C31078363%2C44798934%2C31078421&oid=2&pvsid=1194333735167736&tmod=2027453976&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rfqukalz123n&fsb=1&dtd=1296
Protocol: H2
Server: 2600:9000:21f3:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: akOqjFMSMxNB2K6FJA8jdyBVXEiL5nl0
content-encoding: gzip
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
date: Fri, 29 Sep 2023 17:24:32 GMT
x-amz-cf-pop: FRA2-C2
age: 308812
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:30 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: OOSmQKKtHMP4Cfo_S3iY57KSJaLHGk7i_g9zpr595EB6W0S6q-Xahg==

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:22 GMT
server: nginx
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame D97E 91 KB
23 KB 134ms
37ms Script
application/javascript 2600:9000:21f3:5800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078053&bpp=544&bdt=893&idt=1273&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3184721645&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C31078200%2C31078363%2C44798934%2C31078421&oid=2&pvsid=1194333735167736&tmod=2027453976&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rfqukalz123n&fsb=1&dtd=1296
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 10057894
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: iKSYleKdSLxU3I1owpF1P7Du9PM-w_BSlz_O3SqvkqGVn-q55ClpWw==

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 064B 29 KB
10 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17425118478164857034/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17425118478164857034/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 06:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2939
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 06:22:23 GMT

GET
H/1.1

200
OK

request.php Show response
hal900027.redintelligence.net/ Frame DA10
Redirect Chain

https://hal900027.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=c4e3d8fff3&subid=&uid=35f4ec3c31183dd6&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900027.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=c4e3d8fff3&subid=&uid=35f4ec3c31183dd6&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
936 B

229ms
140ms

Script
application/x-javascript

78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=c4e3d8fff3&subid=&uid=35f4ec3c31183dd6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=120x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_8tjl74bZfDCJbuqxdwP9-yOuAOm5b2gae2NnKfJD_AuEAEg08vOMGCVAsgBCakCcQ9KO2mUsT6oAwHIA5sEqgTqAU_Q2AgKIUV7gOopRNdHUaELljF8gWkABINvF9ExfPMCbpPKyG3gvty5Y_OkujjO_hLLZKYMNb3lg9n84gVxuY7x9YVjG-zhFFFZK3Zkwa0N-sVH1avCadz429k8_wWY0bJfOC3KCOLhifV1vnfFgkFTa2V78RzcEhnlpQ5SZrDSpA1A7_wAA_5Qu0ygyWF2G0W58Alvdym4Kr6WgW-Nqzh3EztzxsA_rFwidLf6JNpqydr34q4Ez1iGAiNGyLvAKz72xL7yAoi45CP8qjFIApMkYo24aVU7z6s5m0sskEAB1PwnBfTLMYkNpsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIsOrTx6nZgQMVO1WRBR13tgM3EAEYASAAEgLd8vD_BwE%26num%3D1%26cid%3DCAQSKQDICaaNbOO9D5gEQK8ITM8QDPQ_GYKwK0X7CYNjRCqDl6caIj5SGQiMGAE%26sig%3DAOD64_2kEiAn3fjGBUAo8vnyAfbWmD6sGQ%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Dhp4OVULcIk4iOAfx0d0KWlsEwQTQH45wZH94UFSN6Mzrnr1r3nFBIwtpZ960RU8BliYud_-Qu1yuVHggA7yWgVzYkoRAUsb3AX4UKiab3Y0KlbCUgvbhPEuGAGS85Eaiu51Ibvgt9W9FogLnrNvuemuVQ3BZ33uPKxM_cAOvdZWrtbgQ%26cry%3D1%26dbm_d%3DAKAmf-Dz7N5lAGp1gUGJs5IRDI-2NZrmk05SYB9mDANBpUaZqAdEJrmOID3YRBECRzBytJ1NM7dClGdYRqIA0igudr4VJOzWzDWxZta0P5zTlcqbA7TUPw_FnJx-qdm03w2TJfG7VCrC7BGKR7d-j2nPLy86-WzYa-Mv79LCHv0bA02oNHTgsm_WsLzu-yzfJGh5CBLtTOKk1nYVVzYwvGjh_OqeuDdlA7xYsQ9hzD5TyNguNOu60i59V1bxzprq7htPDeVNAs58-hcaOQOE6zUPs7UOlDMLtuIttPYGeE4a4MFQzDIVYSE4uhXsJhdW71RIev2ObJ79gzF4flJgBcrnKL5hXfuw2dOvjUksAG0tlCZXDm-lE7wrBOzgJRUr8W78VArVhIPq4fwLiiFV0XIj6_GDXh-MxEmyZxZ5MQC9HdgpYFliLt5Yxl1AyOm6U4xYwI2BE3Ehu42olzzsDWHNeFsBfFozZTpqGj_HQv2WiyFCAtl697HZYsu4-hH12X7QqMRlOw4VQpjchYDMBE4AOwyxMocSiMkOOtopWbHBArwK1sK6tPM%26adurl%3D&documentReferer=https%3A%2F%2F186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=7985874959373&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394
Protocol: HTTP/1.1
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: ae275697129e6156055f9596a6550574d1519840eaf63a39beea543bf7650f26

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 07:11:23 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 78392200028716804444552012466027
Connection: close
Content-Length: 330
Expires: Tue, 03 Oct 2023 08:11:23 +0200

Redirect headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 07:11:23 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=c4e3d8fff3&subid=&uid=35f4ec3c31183dd6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=120x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_8tjl74bZfDCJbuqxdwP9-yOuAOm5b2gae2NnKfJD_AuEAEg08vOMGCVAsgBCakCcQ9KO2mUsT6oAwHIA5sEqgTqAU_Q2AgKIUV7gOopRNdHUaELljF8gWkABINvF9ExfPMCbpPKyG3gvty5Y_OkujjO_hLLZKYMNb3lg9n84gVxuY7x9YVjG-zhFFFZK3Zkwa0N-sVH1avCadz429k8_wWY0bJfOC3KCOLhifV1vnfFgkFTa2V78RzcEhnlpQ5SZrDSpA1A7_wAA_5Qu0ygyWF2G0W58Alvdym4Kr6WgW-Nqzh3EztzxsA_rFwidLf6JNpqydr34q4Ez1iGAiNGyLvAKz72xL7yAoi45CP8qjFIApMkYo24aVU7z6s5m0sskEAB1PwnBfTLMYkNpsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIsOrTx6nZgQMVO1WRBR13tgM3EAEYASAAEgLd8vD_BwE%26num%3D1%26cid%3DCAQSKQDICaaNbOO9D5gEQK8ITM8QDPQ_GYKwK0X7CYNjRCqDl6caIj5SGQiMGAE%26sig%3DAOD64_2kEiAn3fjGBUAo8vnyAfbWmD6sGQ%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Dhp4OVULcIk4iOAfx0d0KWlsEwQTQH45wZH94UFSN6Mzrnr1r3nFBIwtpZ960RU8BliYud_-Qu1yuVHggA7yWgVzYkoRAUsb3AX4UKiab3Y0KlbCUgvbhPEuGAGS85Eaiu51Ibvgt9W9FogLnrNvuemuVQ3BZ33uPKxM_cAOvdZWrtbgQ%26cry%3D1%26dbm_d%3DAKAmf-Dz7N5lAGp1gUGJs5IRDI-2NZrmk05SYB9mDANBpUaZqAdEJrmOID3YRBECRzBytJ1NM7dClGdYRqIA0igudr4VJOzWzDWxZta0P5zTlcqbA7TUPw_FnJx-qdm03w2TJfG7VCrC7BGKR7d-j2nPLy86-WzYa-Mv79LCHv0bA02oNHTgsm_WsLzu-yzfJGh5CBLtTOKk1nYVVzYwvGjh_OqeuDdlA7xYsQ9hzD5TyNguNOu60i59V1bxzprq7htPDeVNAs58-hcaOQOE6zUPs7UOlDMLtuIttPYGeE4a4MFQzDIVYSE4uhXsJhdW71RIev2ObJ79gzF4flJgBcrnKL5hXfuw2dOvjUksAG0tlCZXDm-lE7wrBOzgJRUr8W78VArVhIPq4fwLiiFV0XIj6_GDXh-MxEmyZxZ5MQC9HdgpYFliLt5Yxl1AyOm6U4xYwI2BE3Ehu42olzzsDWHNeFsBfFozZTpqGj_HQv2WiyFCAtl697HZYsu4-hH12X7QqMRlOw4VQpjchYDMBE4AOwyxMocSiMkOOtopWbHBArwK1sK6tPM%26adurl%3D&documentReferer=https%3A%2F%2F186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=7985874959373&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Tue, 03 Oct 2023 08:11:23 +0200

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 5694 24 KB
10 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 06:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9959
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 13:24:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 03 Oct 2023 07:38:32 GMT

GET
H3 200 impl_v97.js Show response
www.googletagservices.com/dcm/ Frame 1DB3 57 KB
23 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v97.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 21:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23166
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 13:28:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 21:04:20 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1331 43 B
215 B 411ms
115ms Image
image/gif 2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3c8923ae-1fde-24de-a437-1e275151bb4f&tv=%7Bc:pXYfiA,pingTime:-3,time:450,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:97%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:450,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:97,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B443~0%5D,as:%5B443~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tRBzBEe+111%7C1121%7C1122%7C1211%7C1212%7C1213%7C1214%7C131*.990511-61634099%7C1311%7C1312%7C1313%7C1314%7C141%7C1421%7C1422%7C1431%7C144%7C1511%7C1512,idMap:131*,rmeas:1,rend:0,renddet:IMG.us,siq:99%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078053&bpp=544&bdt=893&idt=1273&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3184721645&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C31078200%2C31078363%2C44798934%2C31078421&oid=2&pvsid=1194333735167736&tmod=2027453976&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rfqukalz123n&fsb=1&dtd=1296
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:23 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1331 43 B
216 B 388ms
112ms Image
image/gif 2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3c8923ae-1fde-24de-a437-1e275151bb4f&tv=%7Bc:pXYfiY,pingTime:-6,time:475,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:475,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:97,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B466~0%5D,as:%5B466~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tRBzBEe+111%7C1121%7C1122%7C1211%7C1212%7C1213%7C1214%7C131*.990511-61634099%7C1311%7C1312%7C1313%7C1314%7C141%7C1421%7C1422%7C1431%7C144%7C1511%7C1512,idMap:131*,rmeas:1,rend:0,renddet:IMG.us,siq:99%7D&tpiLookup=ao:www.xgcartoon.com*%2C186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078053&bpp=544&bdt=893&idt=1273&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3184721645&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C31078200%2C31078363%2C44798934%2C31078421&oid=2&pvsid=1194333735167736&tmod=2027453976&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rfqukalz123n&fsb=1&dtd=1296
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:23 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js Show response
pagead2.googlesyndication.com/bg/ Frame F15B 38 KB
15 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5461f598a49fc581c376c4a8f9b5e7144c11624e5761735a4cadc5f19f1c9e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 559991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14820
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:12 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1331 43 B
215 B 142ms
117ms Image
image/gif 2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3c8923ae-1fde-24de-a437-1e275151bb4f&tv=%7Bc:pXYfoE,pingTime:-2,time:826,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:3310,beZ:3311,mfA:3314,cmA:3316,inA:3316,inZ:3322,prA:3323,prZ:3394,si:3408,poA:3409,poZ:3465,cmZ:3465,mfZ:3465,loA:3783,loZ:3790,ltA:4134,ltZ:4134%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:97%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:826,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:97,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B817~0%5D,as:%5B817~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tRBzBEe+111%7C1121%7C1122%7C1211%7C1212%7C1213%7C1214%7C131*.990511-61634099%7C1311%7C1312%7C1313%7C1314%7C141%7C1421%7C1422%7C1431%7C144%7C1511%7C1512,idMap:131*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:99,sinceFw:724,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078053&bpp=544&bdt=893&idt=1273&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3184721645&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C31078200%2C31078363%2C44798934%2C31078421&oid=2&pvsid=1194333735167736&tmod=2027453976&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rfqukalz123n&fsb=1&dtd=1296
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:23 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8D02 8 KB
6 KB 88ms
87ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31bacb411b0ea4da2bc22fa3031a832365954d52418e00767b991133e228059f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5982
x-xss-protection: 0

GET
H3 200 impl_v97.js Show response
www.googletagservices.com/dcm/ Frame 5694 57 KB
23 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v97.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 21:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23166
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 13:28:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 21:04:20 GMT

GET
H2 200 B9689862.280630144;dc_ver=97.287;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=1013789962;ord=om2wqy;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.xgcartoon.com$2,https... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 1DB3 65 KB
30 KB 170ms
77ms Script
text/javascript 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=97.287;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=1013789962;ord=om2wqy;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.xgcartoon.com$2,https%3A%2F%2F186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=AsgdgMBJQw;stc=1;chaa=1;sttr=802;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v97.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

cafe /

Resource Hash

22349e69182d6fe2a0fb7f16741ba340e16566faa277403ff680fcc2725ea035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js Show response
pagead2.googlesyndication.com/bg/ Frame 4DBB 38 KB
15 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5461f598a49fc581c376c4a8f9b5e7144c11624e5761735a4cadc5f19f1c9e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 559991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14820
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:12 GMT

GET
H3 200 VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2176 38 KB
15 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VGH1mKSfxYHDdsSo-bXnFEwRYk5XYXNaTK3F8Z8cnoU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5461f598a49fc581c376c4a8f9b5e7144c11624e5761735a4cadc5f19f1c9e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 559991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14820
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:12 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8D02 17 KB
6 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 Oct 2023 07:11:23 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8756 0
0 68ms
67ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuudSzOLCgcZYMPXG8nRSfEJHL6V0P0i7H_rRlHFuygU5vDFDGkeZae5iq1HwFOSDEpMBfInUlGJfoomDV7WwV4GuY6xwZnLpnUs4ksnXPCZlEEUgSeOPJErmPQDHUa0qpa6xsnGoARR6eBqthnie4nRbwrGtinfNoX_XnKrXXHCXEqxjyOCnW2gZHNDPv0gQhKD9i6NOwGDpBxz8oie1vNvOnB6DRbtrtIjTBOcFTANEUqolgCcu9JRdLqf9ta7FUpg_sltGvFDLs5ZK4Wbsz9lzhqxRflONoO8Lq0mZ9C-DARXqgKWqVuzOmsJg3ZmQcOO9NU1TaVpRWxMS1ilUFfJIOhpydR9_hvvwu-UZU412HC-L_iuFP8cP1w6QQwMZGTj6O2sgD6L5ZdsAP9GGHvlqBq2ZBX8mCvSadHHQa1qeAF6j_RxRAepzHHTzSrq2Ju4Y-eTtk8BCl5v5oOMXHzvaqIoH2xujmgfLJtZOkXS4Dh0IT9-Xj5dfXnu-rdbULDpqFa_TUrQ6dT5mGbjH1l9ZcCxGZy9wmVPii2_xMTAHYbU_SZsYSea-SAFfaSKRjnZcRnWmL53pSoNtkQGOUp58knaW-MZFDFfaITsRPngF3OBmg2PqaII0kIjLvWjG2hyRofEKRrf71BxbBnQNNJHjb3NhmR1dhTMJKlpOGHkri9Ia_5FA_eDHuKMKHXBvd8U9CVUtfRTEfn9M3k9GemiMA5Qc9cQ4-khnw61rOC_n7JlCnHLbip8YxyFmiZlXygBdWm4xhq_17YRJTCi5gNZtlghhkjAhhHnBRVnsxBuhg9oZMZ1dBdmq97s-0SY_GiSxZdbMEH_x2dk8rW92zPoCBoJqCE6wz_JG7eaWgv5-C-0G3Lw8KOdEqJ0AOzRV0bV7tdzSjzpsdQy0qL7OfZRtwFIBBS4cPOD5Xc3OWFOEtd4XfSEiEjnNYUWi5m0dKhZmb8WcfqvqhF8i_Ny9cyFFX2UYUNtZS5szJGWMQkRDeAlS7e_geXYdUQWKHXbOgU7fyGmrMfyeqmphI30rlsPK8tKNUVFg4GicpQGdmFD32cGT9GkhJ2wDKf17aZJCHzos7kT2RD5pfUVWY6x0wnimhHGKEP9xBM2RAsxh_LjRTP7ytQjMrOnobvbGgJqSjzrm9Le5G3Dk4_z0L-rlPDy1gsrYIH629C-0HMlkka6ggR-hi_KEFqrNpazz4d_D5_zG2dohVXADJVoF_fkJPfz4gtc50DmKMn579Xc_94MI9tXF7z8chptD_2KyJ7Ojjr_lF-oEcHqLSGn0YT7e9Lsl_icig2rs6is1HY3tU6U2rTxuSrGr8A&sai=AMfl-YQcx_zmzao0WcTm_vmZhNCmErOpwoCkY1nRlqBOiBk-pD92dsTeND3dRA-n5TOsBOwrOH8CcebCCwwowWEv0h9bdaPllgdLdxnRpizRumXDDpVzj764pB1wVEenwY_k6y_SasUlmNayqVw7arA77MMmK90gmokJe7IFsgrfiZ0bA98vWBsCe5silOOX_C5_aeSiPOQtADBkbgGBLtyoAaMQz5T-bPR6ikIAUT7ptiTT0wVybpbToHPApZkVu5vnp7Ns67V3q9gKLJn7ER_4xrBD-kak9ULPybsnx5kfizzF2mAtcIgDZM-s5bkGUQ&sig=Cg0ArKJSzDyRz67B3NpMEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3812&vt=11&dtpt=3276&dett=3&cstd=487&cisv=r20230928.16105&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D8E 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4e1S-FIu3IdiDm6Bp1vA8d-c2AD1Gjp6OSLLrbIVws08v-MFcU6aAvYgFJj4UKyvlzw34ilBOHmnLIpK3GbKYYYKjWeU6T1aOb2MEAqP_m31kzK2Bhs4h_wMznBybUCufioiVNg8HPydiQSq13nQUEwWYZo5IZXejz5d4JtJPGaWknXxBGK_q1k73kzVCh6nOBDR6fQQNXtTTGu6AUnBrIVF8RMCkiOOZZ5x-qTxpGDi4DUkfj_RvfWY7IFzBbEAcmfV5S6O_sNuHlfRiYlSpkTsr7EHvWRRDqRlAgv3tn_yu8kn9pOStgZ60nethW2K1svr1DM-Z_0FYv-LmnPI-7_hljX_euUmcxSRIQY6_Jg&sai=AMfl-YSgxUdL6lGYkWtcqaaXloq_Zvec2WFIGzuCtiwP1y24GX2Ch93lwdIX8Lpdt-awMDlm-4ib4i7yDzqEkfs&sig=Cg0ArKJSzHKXe5fNA8hDEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Oct 2023 07:11:23 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8D8E 16 KB
12 KB 84ms
84ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230928&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85d35d03f78aa3d3c2d1a98903e860084faac588eb5ea65593282c0b55be02f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12048
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1331 0
0 74ms
70ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvypD4e1kLqcNT5vfPZU4dNx3cSkAZXhOjjGouvLz4YHqB3gqBHh3ZK1AEOReWVpu5LkTdqNhyZt8DRC0KcB7ElqcjwUmHCYeMUm_41U3XIsa-FnWLg7C0DMB6fEsxFcA0UY4tl-sf3zC3LKAhE3ZtfTxIqk3563P_Naz4sGmqbAWbrlPjbq2fMZKn-VHQ-U66tQWlrjAP17ohso7NgpQ9bVJFvb5C5jOf9NrJL5wq8h7oFljvwbNJQHJxvth-IkEE63YzfmnS5pqRTyahYRC5-G5dYI-Jo_RhA2Vlnhv2wkwbHJsJhHcoi2Ht5KmkfVM7dhvZnDr8r0na1Crh2os4GHSkVl0i1s0cutrCjQqNmOkYLKGHqkkNxEOH1_jtx6D7wuVqGCnwcj0LpWEmbWvmrg5bLK7Mgv1qzkl8c691ShySItqLt4zVN6TKFL3vldEyv58LHwpULlAqkbzJbFoXqfcbZdkVd9RD6CcxGrXy0iW1RbEdg6M8y2oJpSdp3HEboTDN3zsyTs_vd86kQ9MbOS0CL-x24J9PzhPSWp32aWkPvi565uevO4m1o8orSiFfHuGr8cgyxwfaIBCvzcvt97Y42GlNyMsdVNMq6rohSZay6Nn5Cq9zhUmEqJ5ZsbvEAgpKq4Eh1s2Irl4gG6ParCEf-Nkkl54aozM1GyGGXwnC5r9m8KNSw_EBSwRUmkmKcT3RDT6pUlsV5Wce0DSrD4yA8VVEwoTQRDuwH_DPMp6mSmKwA1EtWGSS-UVS3XHxHC7vy4P_fauyWBGdXbX-yFzgfFdxCkLUASrmA-mw8ewa6WNOJ8yyZcZ7BZMXo9bYZZSMuD-ZZNNj5YipJm_e0pfoMUsTuNeI0LRxN_eOWMEwnbmnqZ77CgOKETrX1S5SFedHwEd_Xq4ExxRtQw4ov39FCgy-wkYNXePKOU5fO7-U6HJHPrXW-Q9ilXNA993whQ-xfaD7U5iZI-p6u1WfMzWIK8Y6NVsSS7fBX97NZ3lhCQ__aSyW07zOzgGoKExftYYegPfLGwxHjxy40iGEsGsi92SW09XQK6j8etnwf0BmNozCq1Ma4W3TwnXavfiZtMpxe6wmVBjWw8BulBeCeb6kZLKZamnZvu24fSk1tBOmNs-GHC4ReQOx_PRHGsF5OJPn5f0o8TrVV4Qzp1oApEhEnEy76zuB4_fgp6wKtYohRJbJcjOtoCYCdZOwD-eYj04t7mtTr-WN6iTuHhJBLceVe3W9rwlqVc_aAznDD9R3_DqDq3vavqcPVg-uVO0D4VHkKUQ8a4YQzq-6VXlo&sai=AMfl-YTXOzufbz8-2mqP3D3i8WveKzN6C5GgKLtUF8xUZlD653VyhtX64PcEpBGkoYK8gAeHLJ3ahpWRMRI2NyjjKoNxXZvnDn4wTKcIRr4w0FXtIcPgu6ie0flw9QHthoZ3dTyxGYYB_dYiwlWjEmHBe4_jJdhfPccxPawT5G5b5BjMAJ-iMtVnakiKDiUW-1l4VqUvy36hp0ou&sig=Cg0ArKJSzA6Te20PfQSTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2995&vt=11&dtpt=1494&dett=3&cstd=1477&cisv=r20230928.72677&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900027.redintelligence.net/ Frame 3B3E 7 KB
3 KB 144ms
51ms Document
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request_content.php?s=78392200028716804444552012466027&a=6755784b
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=c4e3d8fff3&subid=&uid=35f4ec3c31183dd6&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=120x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_8tjl74bZfDCJbuqxdwP9-yOuAOm5b2gae2NnKfJD_AuEAEg08vOMGCVAsgBCakCcQ9KO2mUsT6oAwHIA5sEqgTqAU_Q2AgKIUV7gOopRNdHUaELljF8gWkABINvF9ExfPMCbpPKyG3gvty5Y_OkujjO_hLLZKYMNb3lg9n84gVxuY7x9YVjG-zhFFFZK3Zkwa0N-sVH1avCadz429k8_wWY0bJfOC3KCOLhifV1vnfFgkFTa2V78RzcEhnlpQ5SZrDSpA1A7_wAA_5Qu0ygyWF2G0W58Alvdym4Kr6WgW-Nqzh3EztzxsA_rFwidLf6JNpqydr34q4Ez1iGAiNGyLvAKz72xL7yAoi45CP8qjFIApMkYo24aVU7z6s5m0sskEAB1PwnBfTLMYkNpsAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIsOrTx6nZgQMVO1WRBR13tgM3EAEYASAAEgLd8vD_BwE%26num%3D1%26cid%3DCAQSKQDICaaNbOO9D5gEQK8ITM8QDPQ_GYKwK0X7CYNjRCqDl6caIj5SGQiMGAE%26sig%3DAOD64_2kEiAn3fjGBUAo8vnyAfbWmD6sGQ%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-Dhp4OVULcIk4iOAfx0d0KWlsEwQTQH45wZH94UFSN6Mzrnr1r3nFBIwtpZ960RU8BliYud_-Qu1yuVHggA7yWgVzYkoRAUsb3AX4UKiab3Y0KlbCUgvbhPEuGAGS85Eaiu51Ibvgt9W9FogLnrNvuemuVQ3BZ33uPKxM_cAOvdZWrtbgQ%26cry%3D1%26dbm_d%3DAKAmf-Dz7N5lAGp1gUGJs5IRDI-2NZrmk05SYB9mDANBpUaZqAdEJrmOID3YRBECRzBytJ1NM7dClGdYRqIA0igudr4VJOzWzDWxZta0P5zTlcqbA7TUPw_FnJx-qdm03w2TJfG7VCrC7BGKR7d-j2nPLy86-WzYa-Mv79LCHv0bA02oNHTgsm_WsLzu-yzfJGh5CBLtTOKk1nYVVzYwvGjh_OqeuDdlA7xYsQ9hzD5TyNguNOu60i59V1bxzprq7htPDeVNAs58-hcaOQOE6zUPs7UOlDMLtuIttPYGeE4a4MFQzDIVYSE4uhXsJhdW71RIev2ObJ79gzF4flJgBcrnKL5hXfuw2dOvjUksAG0tlCZXDm-lE7wrBOzgJRUr8W78VArVhIPq4fwLiiFV0XIj6_GDXh-MxEmyZxZ5MQC9HdgpYFliLt5Yxl1AyOm6U4xYwI2BE3Ehu42olzzsDWHNeFsBfFozZTpqGj_HQv2WiyFCAtl697HZYsu4-hH12X7QqMRlOw4VQpjchYDMBE4AOwyxMocSiMkOOtopWbHBArwK1sK6tPM%26adurl%3D&documentReferer=https%3A%2F%2F186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.xgcartoon.com&random=7985874959373&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 6588c11e6a39f93dde0979cf6e4a0f41de499f1bdaa259957cc0f1d8e20f105b

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2284
Content-Type: text/html; charset=utf-8
Date: Tue, 03 Oct 2023 07:11:23 GMT
Expires: Tue, 03 Oct 2023 08:11:23 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2 200 B9689862.280630144;dc_ver=97.287;sz=728x90;u_sd=1;dc_adk=2156455326;ord=jscqge;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.xgcartoon.com$2,https%3A%2F%2F186bf74... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 5694 65 KB
30 KB 77ms
76ms Script
text/javascript 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=97.287;sz=728x90;u_sd=1;dc_adk=2156455326;ord=jscqge;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.xgcartoon.com$2,https%3A%2F%2F186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=VluMSTnrZ.;stc=1;chaa=1;sttr=218;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v97.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

cafe /

Resource Hash

cc3178a55f75fbd4307d0be5e81562d0edcffe0f72b617589fbb26ecfe354f5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30173
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1331 0
26 B 72ms
71ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss8289H5RWFYOuAj7YWA5H1rwgVJXi38YerHXgyKz5GE8rDwYiNPSe-SpJWYv_BXcA3Mm_0Eyko0pJ8fkI7aOGOkh52AbiE0-L4Q64TaeTRVOwPC2XZulxyjtgCBFvtI3JE9iBw8CdXuo5301izibNKILcCj0QMiggcHsMtjWN0NTg&sai=AMfl-YQQunFgel7rBhhfN_5GDWsqU_Wp_uuAeyZvDdAQl29fwsPzzRwjk20f3pGsreZPEAfHJAJUahRXI-1jNhQ4Be_I_eAY66qpH3EEcw&sig=Cg0ArKJSzBkeBu8LQJYyEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0CD3 1 KB
649 B 53ms
52ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 83759
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 07:55:25 GMT
etag: 48472445140208031
expires: Tue, 03 Oct 2023 07:55:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 passback_300x600.js Show response
static.adsafeprotected.com/ Frame 037C 3 KB
2 KB 36ms
34ms Script
application/javascript 2600:9000:21f3:5800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_300x600.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b542fa63865c7855e651a48910a341dfdd0508ec6f293e1253537b2778e2742

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: kTzCLI3J0Rawp2tFRAwfopfiJxzrNFGH
content-encoding: gzip
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
date: Tue, 03 Oct 2023 05:02:47 GMT
x-amz-cf-pop: FRA2-C2
age: 7718
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:42 GMT
server: AmazonS3
etag: W/"439e58c5a30158dbdc47481bb170410a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: MtxgRB8FVLXYRBQTZPbmOcI9uubjQpFIUsFlwxQKZZvloDpYbww_SQ==

GET
H3 200 320x50_CTA_AW23_E_Marvel_Legends_Product_03_RGB.png_1691427686152_320x50_CTA_AW23_E_Marvel_Legends_Product_03_RGB.png
s0.2mdn.net/dynamic/2/11080501/cdn.ad-lib.io/v3/partners/610401178da83b1d9f3f7b61/assets/singleFiles/645cd09c81d20ee81ab4175b/original/ Frame 8D02 13 KB
13 KB 37ms
33ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11080501/cdn.ad-lib.io/v3/partners/610401178da83b1d9f3f7b61/assets/singleFiles/645cd09c81d20ee81ab4175b/original/320x50_CTA_AW23_E_Marvel_Legends_Product_03_RGB.png_1691427686152_320x50_CTA_AW23_E_Marvel_Legends_Product_03_RGB.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b75a84f14d5a9b60b0093d1e0620b079ad511d461554606596f08f0c5d1110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 07:50:30 GMT
x-content-type-options: nosniff
age: 602454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13461
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 17:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 07:50:30 GMT

GET
H3 200 Global_320x50_AW23_E_Marvel_Legends_Model_04_JPG.jpeg_1691427686152_Global_320x50_AW23_E_Marvel_Legends_Model_04_JPG.jpeg
s0.2mdn.net/dynamic/2/11080501/cdn.ad-lib.io/v3/partners/610401178da83b1d9f3f7b61/assets/singleFiles/6479cb05de53f16af34511a8/original/ Frame 8D02 9 KB
9 KB 41ms
37ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11080501/cdn.ad-lib.io/v3/partners/610401178da83b1d9f3f7b61/assets/singleFiles/6479cb05de53f16af34511a8/original/Global_320x50_AW23_E_Marvel_Legends_Model_04_JPG.jpeg_1691427686152_Global_320x50_AW23_E_Marvel_Legends_Model_04_JPG.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

351507d281831dc6f09f0490427b5f0314eff8cc0d06af763bda15d43991144e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 03:20:17 GMT
x-content-type-options: nosniff
age: 13867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9133
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 17:01:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 03:20:17 GMT

GET
H3 200 320x50_AW23_E_Marvel_Legends_Product_03_RGB.png_1691427686152_320x50_AW23_E_Marvel_Legends_Product_03_RGB.png
s0.2mdn.net/dynamic/2/11080501/cdn.ad-lib.io/v3/partners/610401178da83b1d9f3f7b61/assets/singleFiles/645df1e181d20e0632cae5da/original/ Frame 8D02 34 KB
34 KB 48ms
44ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11080501/cdn.ad-lib.io/v3/partners/610401178da83b1d9f3f7b61/assets/singleFiles/645df1e181d20e0632cae5da/original/320x50_AW23_E_Marvel_Legends_Product_03_RGB.png_1691427686152_320x50_AW23_E_Marvel_Legends_Product_03_RGB.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a883ef0f6f005c02155471fa0ab0c552a45630835641e85684bc6183968dcc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:11:08 GMT
x-content-type-options: nosniff
age: 568816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34526
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 17:01:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 17:11:08 GMT

GET
H3 200 blank.png_1684864042354_blank.png
s0.2mdn.net/dynamic/2/11080501/cdn.ad-lib.io/v3/partners/610401178da83b1d9f3f7b61/assets/singleFiles/62c5cf4dd2383e1014770935/original/ Frame 8D02 927 B
956 B 68ms
65ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11080501/cdn.ad-lib.io/v3/partners/610401178da83b1d9f3f7b61/assets/singleFiles/62c5cf4dd2383e1014770935/original/blank.png_1684864042354_blank.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 22:00:13 GMT
x-content-type-options: nosniff
age: 292271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 927
x-xss-protection: 0
last-modified: Tue, 23 May 2023 17:47:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Sep 2024 22:00:13 GMT

GET
H3 200 320x50_MARVEL_x_PANDORA_Logo_Landscape_Red_Black_RGB_Web.png_1691427686152_320x50_MARVEL_x_PANDORA_Logo_Landscape_Red_Black_RGB_Web.png
s0.2mdn.net/dynamic/2/11080501/cdn.ad-lib.io/v3/partners/610401178da83b1d9f3f7b61/assets/singleFiles/63d8d94aef0fc85967e5d7af/original/ Frame 8D02 7 KB
7 KB 44ms
41ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11080501/cdn.ad-lib.io/v3/partners/610401178da83b1d9f3f7b61/assets/singleFiles/63d8d94aef0fc85967e5d7af/original/320x50_MARVEL_x_PANDORA_Logo_Landscape_Red_Black_RGB_Web.png_1691427686152_320x50_MARVEL_x_PANDORA_Logo_Landscape_Red_Black_RGB_Web.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2332e448898c898b9cc2fe9d84d12f531ea60b34f8ef40492a8bb0bb94fed6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/71444261635096576/320x50-Classic/320x50-Classic/index.html?e=69&leftOffset=0&topOffset=0&c=5mF808Aqht&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 20:45:22 GMT
x-content-type-options: nosniff
age: 555962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7217
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 17:01:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 20:45:22 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8D8E 17 KB
6 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 Oct 2023 07:11:24 GMT

GET
DATA 200
OK truncated
/ Frame DA10 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb720cb27bdc3d37015ce900d678af8fb68dcab3fbb6d583fbb7ab11dff45803

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 3B3E 89 KB
32 KB 206ms
51ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=78392200028716804444552012466027&a=6755784b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 06:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Sep 2024 06:08:09 GMT

GET
H/1.1 200
OK S-120x600.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 3B3E 33 KB
34 KB 299ms
63ms Image
image/gif 145.239.2.103
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-120x600.gif
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=78392200028716804444552012466027&a=6755784b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.2.103 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3082036.ip-145-239-2.eu
Software: nginx /
Resource Hash: e5b7f02b23fdfaa750168663e07aa8da6df9b31692b4e470097c1122b3fe2678

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 07:11:24 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-8530"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 34096

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/ Frame 1DB3 11 KB
4 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=97.287;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=1013789962;ord=om2wqy;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.xgcartoon.com$2,https%3A%2F%2F186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=AsgdgMBJQw;stc=1;chaa=1;sttr=802;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:43:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:43:52 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1DB3 0
0 122ms
120ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzUdp3VGb8UZ3Z9m8_euMlEa8JCKgGxlg01LL7qbgS0CB2O0wcvUuUIcU_gGTBYwhQY5XKaS6SzVuJ6KcC7RbsjQZPnXXLgxebGwHPzzQ_JepxA8UHLIoF6nWEf-FGaxgqsG88dxUfDtxeexf4QxVtfSu6oc6Y_LzhPKQhLQ&sai=AMfl-YSAt9fRxvyx2Q4RJtKt6PTQpObZROc_EAqqFON7dJgAIcq5gnvhwdOkXHdjjXY00yFadVNID52nBFkivdH_Q5e3SYIwjya6wrFHiw&sig=Cg0ArKJSzDYQtxdfuGRtEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20230928.72901&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1DB3 41 KB
13 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 346380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 06:58:24 GMT

GET
H3 200 7410484386335067809
s0.2mdn.net/simgad/ Frame 1DB3 123 KB
123 KB 43ms
42ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7410484386335067809

Requested by

Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcbd4882f0c4557f44d9d7340ab5a08c7b8cdf3dc5cba9996a18c95160acbd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 11:44:24 GMT
x-content-type-options: nosniff
age: 588420
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126353
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 16:06:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Sep 2024 11:44:24 GMT

GET
H3 200 7410484386335067809
s0.2mdn.net/simgad/ Frame 5694 123 KB
123 KB 67ms
54ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7410484386335067809

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=97.287;sz=728x90;u_sd=1;dc_adk=2156455326;ord=jscqge;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.xgcartoon.com$2,https%3A%2F%2F186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=VluMSTnrZ.;stc=1;chaa=1;sttr=218;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcbd4882f0c4557f44d9d7340ab5a08c7b8cdf3dc5cba9996a18c95160acbd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 11:44:24 GMT
x-content-type-options: nosniff
age: 588420
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126353
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 16:06:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Sep 2024 11:44:24 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/ Frame 5694 11 KB
4 KB 66ms
53ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:43:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:43:52 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5694 0
0 93ms
81ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss724Qkjk3zjBC5Udta3DO63BJC5lWQQMrNt1RQdWJGCsXWlbTwH1SrhCzhCq41VmdW-M4Q2oxLuj1lLmeuf0gI9n7DzekFqAidM1urNlfGzNOQJGeAgxBij4gZ4Rdqy29sUHuUJ2gYrYRnCUKlIxGlIz19H0RWFIOt7MPgpQ&sai=AMfl-YSzVpS-8vUL2F080LZkCaWNrPXtTc9gE3PnXjTODFNewYNW0Yxfh8FQfCqwkbZ9-WIpF-l9AS7gqAZhQj3iwVLIvZ-AxwQuZJNAGQ&sig=Cg0ArKJSzKnpxfz2Maj0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230928.08708&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5694 41 KB
13 KB 68ms
56ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 346380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 06:58:24 GMT

GET
H3 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame 53DF 37 KB
14 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 12:48:27 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B6FC 1 KB
649 B 39ms
30ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 83759
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 07:55:25 GMT
etag: 48472445140208031
expires: Tue, 03 Oct 2023 07:55:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 IAS_PassbackAds_300x600.png
static.adsafeprotected.com/ Frame 037C 34 KB
34 KB 53ms
38ms Image
image/png 2600:9000:21f3:5800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_300x600.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e503fe67eef6d53b7297abd5062e4db7a6b381eaa7d4ac4f8c53a9bb08e248c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 02:42:04 GMT
x-amz-version-id: tQgHbMfZoUlj3hcvrSYdqixcUVtCIeBK
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 534561
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 34357
last-modified: Fri, 18 Feb 2022 23:29:00 GMT
server: AmazonS3
etag: "26e2b461771f6fb855141aa77c859584"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: -JBvWEKN4_qJmrRiFdfKUZ34cYSt25Whz7zosHSF-Ad5fxMMP9N7Yg==

GET
DATA 200
OK truncated
/ Frame 1DB3 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662fd23135d942f5ae90d166f3c8febf75bb16c61d0d4790b6df654d63e933da

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dv-measurements4784.js Show response
cdn.doubleverify.com/ Frame 95AF 420 KB
99 KB 41ms
41ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4784.js
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 27bb3ca1a93c5079b313320cf72c4057818535462f4546c2a83baac6914f3130

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 07:11:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 13:26:40 GMT
Server: UploadServer
ETag: "66abf8796500aa6c77eaac83b8c57f1b"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101000
Expires: Wed, 02 Oct 2024 07:11:25 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DB3 187 KB
59 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:25 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0CD3
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1&google_push=AXcoOmR7V6NG4UrY63LF59RL8tQrzj_SNW-CrV4snJtxHLJRHMr1lKNk5EvYEu2oMpsrwkzMsAzUXwoXtZ-o72QUrnrUOjugXkwh
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODM5MTQ4MTQzODk3NDg4MTQ5Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1

43 B
398 B

48ms
47ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 03 Oct 2023 07:11:24 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CD3
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFMHddObDVPk-lUx1EBHBCw&google_cver=1&google_push=AXcoOmTDFJc4Kx_fzFpiM2eQ0hWQU7Paa73COTskHv9eZx8XiEIQv9rV0s...
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmTDFJc4Kx_fzFpiM2eQ0hWQU7Paa73COTskHv9eZx8XiEIQv9rV0sxZ6C1OgVGbzqVtq1le-pBazxC_qm0dhaAMrniDxSc&google_hm=i22L8UE...

170 B
188 B

48ms
42ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmTDFJc4Kx_fzFpiM2eQ0hWQU7Paa73COTskHv9eZx8XiEIQv9rV0sxZ6C1OgVGbzqVtq1le-pBazxC_qm0dhaAMrniDxSc&google_hm=i22L8UE0jGwXvCTOud2h9w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmTDFJc4Kx_fzFpiM2eQ0hWQU7Paa73COTskHv9eZx8XiEIQv9rV0sxZ6C1OgVGbzqVtq1le-pBazxC_qm0dhaAMrniDxSc&google_hm=i22L8UE0jGwXvCTOud2h9w
pragma: no-cache
date: Tue, 03 Oct 2023 07:11:25 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CD3
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECbf5S16Eg8-KqIk5UbcRpQ&google_cver=1&google_push=AXcoOmREqFhhcEwZEjcm36BzcittGHNhE1zbzQg8Y2WtXZKsASkJyF2jHJuPBqA9LBPiKn37i3AbJw5KVNd...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmREqFhhcEwZEjcm36BzcittGHNhE1zbzQg8Y2WtXZKsASkJyF2jHJuPBqA9LBPiKn37i3AbJw5KVNdHTAwannMZPmVFj8H8&google_hm=a7vFj4FORXGZNyfuRK1-aRY

170 B
188 B

67ms
58ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmREqFhhcEwZEjcm36BzcittGHNhE1zbzQg8Y2WtXZKsASkJyF2jHJuPBqA9LBPiKn37i3AbJw5KVNdHTAwannMZPmVFj8H8&google_hm=a7vFj4FORXGZNyfuRK1-aRY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:24 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmREqFhhcEwZEjcm36BzcittGHNhE1zbzQg8Y2WtXZKsASkJyF2jHJuPBqA9LBPiKn37i3AbJw5KVNdHTAwannMZPmVFj8H8&google_hm=a7vFj4FORXGZNyfuRK1-aRY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CD3
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rATpeIk_SYCmF8QwgeV6ZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

69ms
67ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rATpeIk_SYCmF8QwgeV6ZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTfhCUV06vbBxcmFCoyT_2MCjMr0rA7f6ne7h4Gxhez09pJq28tnbPk16FVoVv1npOKDoU3VVLOpxW8pZcX_JSeVhknEC4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rATpeIk_SYCmF8QwgeV6ZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTfhCUV06vbBxcmFCoyT_2MCjMr0rA7f6ne7h4Gxhez09pJq28tnbPk16FVoVv1npOKDoU3VVLOpxW8pZcX_JSeVhknEC4
date: Tue, 03 Oct 2023 07:11:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

cs
cs.lkqd.net/ Frame 0CD3
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEM9_Nygk0AMtaT-h3VVgZIA&google_cver=1&google_push=AXcoOmStBNgg3SnuT4sPXb5IkpXk0Eo0CKW_au1K13cvMPZkr7Ki24XZzXoupkvb72UR66ANgeqy4CsOhVC0wGAE...
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=f4bcecbf15&gdpr=0&gdpr_consent=

43 B
521 B

488ms
107ms

Image
image/gif

69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=109&partnerUserId=f4bcecbf15&gdpr=0&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394
Protocol: H2
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:26 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

date: Tue, 03 Oct 2023 07:11:25 GMT
via: 1.1 05e8912dc00dd796ed2b040e3237568e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
location: https://cs.lkqd.net/cs?partnerId=109&partnerUserId=f4bcecbf15&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: hC4SlHK8f00jx9uNUd2GDKd94gODra1SPN0j9J_rznc142tE3g_GOQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CD3
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMXbCNcGp3AdRqZxMG43lik&google_cver=1&google_push=AXcoOmR66AU0thE5i08lDWeTqelompMMeeqEka9TkrtiXgnwIC1FWY9iCW-frudLVtWx8yoEbfiw66xV9Ec6...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR66AU0thE5i08lDWeTqelompMMeeqEka9TkrtiXgnwIC1FWY9iCW-frudLVtWx8yoEbfiw66xV9Ec6vi8N-tMIbL6xJYhR

170 B
188 B

66ms
57ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR66AU0thE5i08lDWeTqelompMMeeqEka9TkrtiXgnwIC1FWY9iCW-frudLVtWx8yoEbfiw66xV9Ec6vi8N-tMIbL6xJYhR

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR66AU0thE5i08lDWeTqelompMMeeqEka9TkrtiXgnwIC1FWY9iCW-frudLVtWx8yoEbfiw66xV9Ec6vi8N-tMIbL6xJYhR
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0CD3
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG-HL8ZPG9zbZZRgoaIvXh8&google_cver=1&google_push=AXcoOmSBgFfQolVmK6_4bGKVP0qUZX3nFdXEN2vSnuyZLoBxm-kHnyZpAdvHQ2nYEkObWvppCfRO2QZZqEjnwE1A3QqX76Kcmw
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSBgFfQolVmK6_4bGKVP0qUZX3nFdXEN2vSnuyZLoBxm-kHnyZpAdvHQ2nYEkObWvppCfRO2QZZqEjnwE1A3QqX76Kcmw&...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ3MDE1MDI1NTMzODI0NzMzODgw&google_push=AXcoOmSBgFfQolVmK6_4bGKVP0qUZX3nFdXEN2vSnuyZLoBxm-kHnyZpAdvHQ2nY...

170 B
188 B

67ms
42ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ3MDE1MDI1NTMzODI0NzMzODgw&google_push=AXcoOmSBgFfQolVmK6_4bGKVP0qUZX3nFdXEN2vSnuyZLoBxm-kHnyZpAdvHQ2nYEkObWvppCfRO2QZZqEjnwE1A3QqX76Kcmw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ3MDE1MDI1NTMzODI0NzMzODgw&google_push=AXcoOmSBgFfQolVmK6_4bGKVP0qUZX3nFdXEN2vSnuyZLoBxm-kHnyZpAdvHQ2nYEkObWvppCfRO2QZZqEjnwE1A3QqX76Kcmw
date: Tue, 03 Oct 2023 07:11:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0CD3 0
12 B 78ms
76ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IcWyNV_MZ0kCeeQDLyH-rbCqAGdJjWnEsHra77PdiV39J4trRYD8dYPUKpakrNxt9_su7s

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317078111&bpp=584&bdt=715&idt=1293&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2445916116&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078362%2C44795922%2C44803792&oid=2&pvsid=272488633389356&tmod=1760361302&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.5v5s27lvec5k&fsb=1&dtd=1394

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1DB3 0
0 69ms
68ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzUdp3VGb8UZ3Z9m8_euMlEa8JCKgGxlg01LL7qbgS0CB2O0wcvUuUIcU_gGTBYwhQY5XKaS6SzVuJ6KcC7RbsjQZPnXXLgxebGwHPzzQ_JepxA8UHLIoF6nWEf-FGaxgqsG88dxUfDtxeexf4QxVtfSu6oc6Y_LzhPKQhLQ&sai=AMfl-YSAt9fRxvyx2Q4RJtKt6PTQpObZROc_EAqqFON7dJgAIcq5gnvhwdOkXHdjjXY00yFadVNID52nBFkivdH_Q5e3SYIwjya6wrFHiw&sig=Cg0ArKJSzDYQtxdfuGRtEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=770&vt=11&dtpt=767&dett=2&cstd=0&cisv=r20230928.72901&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B790 13 KB
5 KB 68ms
56ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 66179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:48:26 GMT
expires: Tue, 01 Oct 2024 12:48:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 711F 829 B
560 B 57ms
54ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0ffa05b9444837d48f02beade54963bc544ea3b082fe834981b5151de5f743e8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sHsxjXwrS-fpDKztoQYNTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sHsxjXwrS-fpDKztoQYNTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:25 GMT
expires: Tue, 03 Oct 2023 07:11:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4CB9 1 KB
649 B 43ms
40ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 83760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 07:55:25 GMT
etag: 48472445140208031
expires: Tue, 03 Oct 2023 07:55:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5694 187 KB
59 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 07:11:25 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2D69 0
10 B 71ms
60ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fF6C5w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5694 0
0 99ms
88ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss724Qkjk3zjBC5Udta3DO63BJC5lWQQMrNt1RQdWJGCsXWlbTwH1SrhCzhCq41VmdW-M4Q2oxLuj1lLmeuf0gI9n7DzekFqAidM1urNlfGzNOQJGeAgxBij4gZ4Rdqy29sUHuUJ2gYrYRnCUKlIxGlIz19H0RWFIOt7MPgpQ&sai=AMfl-YSzVpS-8vUL2F080LZkCaWNrPXtTc9gE3PnXjTODFNewYNW0Yxfh8FQfCqwkbZ9-WIpF-l9AS7gqAZhQj3iwVLIvZ-AxwQuZJNAGQ&sig=Cg0ArKJSzKnpxfz2Maj0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=748&vt=11&dtpt=746&dett=2&cstd=0&cisv=r20230928.08708&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5694 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a85f98d630e3d1b37fddbd2a5520fb89a76332f967b2aacc48d09d87e40740ee

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B51 0
0 166ms
159ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjirlEBX7jG5jS7HkqQcrFu1yZFk_-n9itdmLzEHV1YLSGIvF2mZTLTJMvTzW5J3FsTvD-vxl8g5--6IOWfOpsFP6zNb1NHMYXydB7TmFKpAeazmwgdIkuP24nbHXwFJc9yrynfQxuL9PWTzjw1DFtv3pJO4SeQ1nrGMhrcOi-SOgNcbfqx4rVNs2IMMflJ2FOm00KRUMwv_IGkyCrceuyuoZ77I_BA2Wl7cADrYxOyeyzjepvbWrHbS7AbBc1EU7NNRlWd8yHWG89sKGiqS_0ELXfvherjIUPdn9bRppq-BWzYoeRGh0d4T85bSoIHXYL24Haj0_p-zB1ahYvzLjNpy2P3k_8ATjl1pnZC6Q_Lw&sai=AMfl-YQzETZtMM6XlLjeo4klXrwyisbHqf_zGaqUASvNTyHVtTpFItmpJup59_2jfCNQYO5EqHxuBPSGnvoYRvs&sig=Cg0ArKJSzGSsv__GkOrWEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Oct 2023 07:11:25 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9B51 16 KB
12 KB 115ms
108ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230928&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcfeeee4b3b2a0e6a6e86ea0758301b373bca0894710afa06b0c0fe1731d0ddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12190
x-xss-protection: 0

GET
H/1.1 200
OK viewability Show response
hal900027.redintelligence.net/ Frame 3B3E 0
150 B 181ms
50ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/viewability?s=78392200028716804444552012466027&a=f3e46d4b&vb=m
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=78392200028716804444552012466027&a=6755784b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900027.redintelligence.net/request_content.php?s=78392200028716804444552012466027&a=6755784b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 07:11:25 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 3B3E 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B6FC
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEN9SNHsp9S0MRdmEYygxcvI&google_cver=1&google_push=AXcoOmR_cl3tRgxXEQv9QR2ozaJni85NYTlpCZC3KfrrL5dpmqjpk25RCUU83h34qv11w0b9FmRqOPRrN5NS6vZ3A...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEN9SNHsp9S0MRdmEYygxcvI&google_cver=1&google_push=AXcoOmR_cl3tRgxXEQv9QR2ozaJni85NYTlpCZC3KfrrL5dpmqjpk25RCUU83h34qv11w0b9FmRqOPRrN5NS6vZ3A...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmR_cl3tRgxXEQv9QR2ozaJni85NYTlpCZC3KfrrL5dpmqjpk25RCUU83h34qv11w0b9FmRqOPRrN5NS6vZ3Ajo-zMKVkvIe&google_hm=HbEPsGZHK5tnlEz1Qh-OQTHG

170 B
188 B

45ms
44ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmR_cl3tRgxXEQv9QR2ozaJni85NYTlpCZC3KfrrL5dpmqjpk25RCUU83h34qv11w0b9FmRqOPRrN5NS6vZ3Ajo-zMKVkvIe&google_hm=HbEPsGZHK5tnlEz1Qh-OQTHG

Requested by

Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 03 Oct 2023 07:11:26 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmR_cl3tRgxXEQv9QR2ozaJni85NYTlpCZC3KfrrL5dpmqjpk25RCUU83h34qv11w0b9FmRqOPRrN5NS6vZ3Ajo-zMKVkvIe&google_hm=HbEPsGZHK5tnlEz1Qh-OQTHG
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B6FC
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEFkWTclvXhKGzbeBwKClNgo&google_cver=1&google_push=AXcoOmQjhU38dE1K17ibLRFNIsh3Hs8E79pX56uQKLbQlE6tC2MPBl-W2rwcVVoWnY6j__FbPOAjW8CBHxjPViFrgfbJXT...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFkWTclvXhKGzbeBwKClNgo&google_cver=1&google_push=AXcoOmQjhU38dE1K17ibLRFNIsh3Hs8E79pX56uQKLbQlE6tC2MPBl-W2rwcVVoWnY6j__FbPOAjW8CBHxjPViFr...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=zStu-6cQSRiVXlKJDtk4aA&google_push=AXcoOmQjhU38dE1K17ibLRFNIsh3Hs8E79pX56uQKLbQlE6tC2MPBl-W2rwcVVoWnY6j__FbPOAjW8CBHxjPViF...

170 B
188 B

80ms
71ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=zStu-6cQSRiVXlKJDtk4aA&google_push=AXcoOmQjhU38dE1K17ibLRFNIsh3Hs8E79pX56uQKLbQlE6tC2MPBl-W2rwcVVoWnY6j__FbPOAjW8CBHxjPViFrgfbJXTfqCtDe6g

Requested by

Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=zStu-6cQSRiVXlKJDtk4aA&google_push=AXcoOmQjhU38dE1K17ibLRFNIsh3Hs8E79pX56uQKLbQlE6tC2MPBl-W2rwcVVoWnY6j__FbPOAjW8CBHxjPViFrgfbJXTfqCtDe6g
access-control-allow-origin: *
date: Tue, 03 Oct 2023 07:11:26 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B6FC
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFjQDDeTia6ExhVOaKejzmA&google_cver=1&google_push=AXcoOmR2DANEtrpVAj5owQ58ZX8ZpBZAMV-YjJkKcVsYaI2hUjEjItt9_nFBfAYSVDNt4LNa9TnjEX...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR2DANEtrpVAj5owQ58ZX8ZpBZAMV-YjJkKcVsYaI2hUjEjItt9_nFBfAYSVDNt4LNa9TnjEXZUU7TCWhpft9iHnlXKSmA7kQ&google_hm=NDQwNzg1...

170 B
188 B

92ms
91ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR2DANEtrpVAj5owQ58ZX8ZpBZAMV-YjJkKcVsYaI2hUjEjItt9_nFBfAYSVDNt4LNa9TnjEXZUU7TCWhpft9iHnlXKSmA7kQ&google_hm=NDQwNzg1NDIzMjYzODY4OTIyMg%3D%3D

Requested by

Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR2DANEtrpVAj5owQ58ZX8ZpBZAMV-YjJkKcVsYaI2hUjEjItt9_nFBfAYSVDNt4LNa9TnjEXZUU7TCWhpft9iHnlXKSmA7kQ&google_hm=NDQwNzg1NDIzMjYzODY4OTIyMg%3D%3D
date: Tue, 03 Oct 2023 07:11:24 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame B6FC
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMXbCNcGp3AdRqZxMG43lik&google_cver=1&google_push=AXcoOmTWB_WauEa9yaemx6lKlrkYOHhF1utvyW6iBCxx4SyDDjr0PzvXrTcoNUOGCphn_osrEOpxX42GZ8H...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTWB_WauEa9yaemx6lKlrkYOHhF1utvyW6iBCxx4SyDDjr0PzvXrTcoNUOGCphn_osrEOpxX42GZ8HW-tzlZ2cenM2ALZHfiiA
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

90ms
87ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame B6FC
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENfSJJwgmxsZ...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NzlmZjhjYjYtNDczMy00YTkxLWIxMmItNjM0ZTczMTgyMzc2&google_push=AXcoOmSH3xBFWYtP2Kyw1u92Bh9C-Y761Oi5i99zPjgVIofBYjKsxdIdHz32qHlIVsmdo...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

104ms
101ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 03 Oct 2023 07:11:26 GMT
pragma: no-cache
date: Tue, 03 Oct 2023 07:11:26 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B6FC
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEL2gAmek2bRGCoAC_dZf1jY&google_cver=1&google_push=AXcoOmRWZolSRGKNL...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODQ2MDk0MDg3MDU1NjYwNzQxMg%3D%3D&google_gid=CAESEL2gAmek2bRGCoAC_dZf1jY&google_cver=1&google_push=AXcoOmRWZolSRGKNLEB2S5mqSprM_IemW2...

170 B
188 B

93ms
90ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODQ2MDk0MDg3MDU1NjYwNzQxMg%3D%3D&google_gid=CAESEL2gAmek2bRGCoAC_dZf1jY&google_cver=1&google_push=AXcoOmRWZolSRGKNLEB2S5mqSprM_IemW2GpVAdyJt2qDBPWddVxlhTD5ewDhng9ge5FN5l7l78h_c_HY57_MUeVEYWL9KGfZXY6rSU

Requested by

Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:25 GMT
an-x-request-uuid: 96df1df7-d07c-483a-b9a0-d49d1759ea42
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODQ2MDk0MDg3MDU1NjYwNzQxMg%3D%3D&google_gid=CAESEL2gAmek2bRGCoAC_dZf1jY&google_cver=1&google_push=AXcoOmRWZolSRGKNLEB2S5mqSprM_IemW2GpVAdyJt2qDBPWddVxlhTD5ewDhng9ge5FN5l7l78h_c_HY57_MUeVEYWL9KGfZXY6rSU
x-proxy-origin: 176.10.106.22; 176.10.106.22; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B6FC
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDUQYuWco...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDU...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=063148ff-632a-4ea7-9061-a54988eacbaf&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

45ms
44ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=063148ff-632a-4ea7-9061-a54988eacbaf&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=063148ff-632a-4ea7-9061-a54988eacbaf&%%GOOGLE_PUSH_PAIR%%
date: Tue, 03 Oct 2023 07:11:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B6FC 0
12 B 68ms
66ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KqVHmThZA4XxBDCVO-Y94sIZF5_kKO35CADqXGWs1n1F6BaNYRaREHjfbadH6cU67YsQS5Lwtmog

Requested by

Host: 31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
URL: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1331 43 B
215 B 124ms
123ms Image
image/gif 2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3c8923ae-1fde-24de-a437-1e275151bb4f&tv=%7Bc:pXYfUT,pingTime:-10,time:2825,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1696317085491%7C%7Cb0fa390648466aa42530dd0a30ff2663%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C34402e88f9e2b5f6d9a7fc5f621cacc4%7C%7C72ba2135aa505a086a141e836aff2bfd%7C%7C92c6048a7f4def46d18255b64a667b73%7C%7C4b6dcddef5d234755619639d5f40f2a4%7C%7Cd535f89c44d90ecd803998c3008ac6a7%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:25 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9B51 17 KB
6 KB 1564ms
1561ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 Oct 2023 07:11:27 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 85D8 22 KB
8 KB 38ms
36ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 95903
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 04:33:02 GMT
expires: Tue, 01 Oct 2024 04:33:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 95AF 694 B
730 B 261ms
55ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=758&ttfrms=71&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&sim=3&eparams=DC4FC%3Dl9EEADTbpTauTau%60ge37fc%60g4h5e3_f%605_hb7%607a25%60473g%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DI842CE%40%40%3F%5D4%40%3ETar9EEADTbpTauTau%60ge37fc%60g4h5e3_f%605_hb7%607a25%60473g%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=1&aUrlD=0&ssl=https:&uid=1696317085770267&jsCallback=dvCallback_1696317085770497&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4784&tgjsver=4784&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5884294479391638%26output%3Dhtml%26h%3D90%26slotname%3D3654094576%26adk%3D1418711512%26adf%3D3173046732%26pi%3Dt.ma~as.3654094576%26w%3D728%26url%3Dhttps%253A%252F%252Fwww.xgcartoon.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1696317077743%26bpp%3D597%26bdt%3D623%26idt%3D1122%26shv%3Dr20230928%26mjsv%3Dm202309210101%26ptt%3D5%26saldr%3Dsd%26is_amp%3D1%26correlator%3D3755%26frm%3D24%26ife%3D3%26pv%3D2%26nhd%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D728%26ish%3D90%26ifk%3D2506091661%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759875%252C44759926%252C31078363%252C44785295%252C31078301%252C21065725%252C31078422%26oid%3D2%26pvsid%3D3429906786545753%26tmod%3D2038617597%26uas%3D0%26nvt%3D1%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3D1.egtkr3lyjgvg%26fsb%3D1%26dtd%3D1177&fcifrms=5&brh=2&dvp_epl=376&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.xgcartoon.com/&c1=3060631&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0jZaNOYbwwmElwsowx5fhxF&aucrtv=495871122&auorder=1012740201&ausite=1950747532517&auxch=1&aulitem=20200241964&pltfrm=1&aufilter1=3060631&autt=1&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=474532305165.1957&dvp_tukv=415584925.437781&dvp_strhd=0.40000152587890625&dvpx_strhd=0.40000152587890625&dvp_tuid=836815248935&jurtd=2038552996
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4784.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 83cadb577d50435ac2de656b8eeffd29e1a3c828feb95b5a966de8ff69571eb3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 07:11:26 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 10/02/2023 07:11:25

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E2D0 22 KB
8 KB 31ms
29ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 95903
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 04:33:02 GMT
expires: Tue, 01 Oct 2024 04:33:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4CB9
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1&google_push=AXcoOmSReBdg4C2PW5GXUaksG1FJQfUKpr7FJcwRnXKJLJvgRY9Tbc-lfCvxgY2Jb-vBqcRHgQle65lSN9SqyPIJGkm9Ds_jn6-O
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODM5MTQ4MTQzODk3NDg4MTQ5Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1

43 B
398 B

59ms
47ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317077743&bpp=597&bdt=623&idt=1122&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2506091661&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31078363%2C44785295%2C31078301%2C21065725%2C31078422&oid=2&pvsid=3429906786545753&tmod=2038617597&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.egtkr3lyjgvg&fsb=1&dtd=1177
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 03 Oct 2023 07:11:25 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAtKBRiTH9W4lFJ85pzkar0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CB9
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBDCPgUf5xWQlQeUN7eZwEA&google_cver=1&google_push=AXcoOmQiEahJ3Ywf5qYsLVrjrG6BDdgPjAcRK9MsjovJGx6Tbjdbhhd...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1630d6f3249917e6&is_secure=true&networkId=14000&version=1&google_gid=CAESEBDCPgUf5xWQlQeUN7eZwEA&google_cver=1&google_push=AXcoOmQiEahJ...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI8tDGkT5SxgMWvLhaAAAAAAA&expiration=1696403486&google_cver=1&is_secure=true&google_gid=CAESEBDCPgUf5xWQlQeUN7eZw...

170 B
188 B

59ms
50ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI8tDGkT5SxgMWvLhaAAAAAAA&expiration=1696403486&google_cver=1&is_secure=true&google_gid=CAESEBDCPgUf5xWQlQeUN7eZwEA&google_push=AXcoOmQiEahJ3Ywf5qYsLVrjrG6BDdgPjAcRK9MsjovJGx6TbjdbhhdDikyF1pCvH21aS3yAJrOw3T_7z2u3IM0VjmPG4p0EmSI

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:26 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI8tDGkT5SxgMWvLhaAAAAAAA&expiration=1696403486&google_cver=1&is_secure=true&google_gid=CAESEBDCPgUf5xWQlQeUN7eZwEA&google_push=AXcoOmQiEahJ3Ywf5qYsLVrjrG6BDdgPjAcRK9MsjovJGx6TbjdbhhdDikyF1pCvH21aS3yAJrOw3T_7z2u3IM0VjmPG4p0EmSI
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 4CB9 0
174 B 143ms
39ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAHf5as9Le3XEjVHEA6173w&google_cver=1&google_push=AXcoOmRZhuKnjt7RvDwQm_MASIbQyZW2LbxHNSgb4z6J7NdGUWR0v_9mXZH9KPG_tI_C_X3XZqEkDAZINfSFUFbFnjMLN657WdkS
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696317077743&bpp=597&bdt=623&idt=1122&shv=r20230928&mjsv=m202309210101&ptt=5&saldr=sd&is_amp=1&correlator=3755&frm=24&ife=3&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2506091661&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31078363%2C44785295%2C31078301%2C21065725%2C31078422&oid=2&pvsid=3429906786545753&tmod=2038617597&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.egtkr3lyjgvg&fsb=1&dtd=1177
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CB9
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEA25OVsr7OjFr1weXo6LkF8&google_cver=1&google_push=AXcoOmSAovm4cqKrfmfhokcRCh-1xoNPeGSeMDDaKG7b2Pv3I3WBBQEpPm_GF7YODTLuyuSxnWfVcpoN7k-hoPEahEozmS5cs2k
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSAovm4cqKrfmfhokcRCh-1xoNPeGSeMDDaKG7b2Pv3I3WBBQEpPm_GF7YODTLuyuSxnWfVcpoN7k-hoPEahEozmS5cs2k&google_hm=6TfDAfbaxIsUKrYWhtix1g==

170 B
188 B

71ms
71ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSAovm4cqKrfmfhokcRCh-1xoNPeGSeMDDaKG7b2Pv3I3WBBQEpPm_GF7YODTLuyuSxnWfVcpoN7k-hoPEahEozmS5cs2k&google_hm=6TfDAfbaxIsUKrYWhtix1g==

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:26 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmSAovm4cqKrfmfhokcRCh-1xoNPeGSeMDDaKG7b2Pv3I3WBBQEpPm_GF7YODTLuyuSxnWfVcpoN7k-hoPEahEozmS5cs2k&google_hm=6TfDAfbaxIsUKrYWhtix1g==
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 228

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CB9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGVBTlxLgbqz52rwmzEnO_g&google_cver=1&google_push=AXcoOmRIAdpu0Aq24LerN_VCSOEl6G8jb8lub0233wfyF0JLAYA85Hpex34acewySMdUh35PeUR...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE45WkU4RkUtRy1FSzNB&google_push=AXcoOmRIAdpu0Aq24LerN_VCSOEl6G8jb8lub0233wfyF0JLAYA85Hpex34acewySMdUh35PeURzdCZs5mwQQJk1Ds-vT4G4ZJuI

170 B
188 B

52ms
51ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE45WkU4RkUtRy1FSzNB&google_push=AXcoOmRIAdpu0Aq24LerN_VCSOEl6G8jb8lub0233wfyF0JLAYA85Hpex34acewySMdUh35PeURzdCZs5mwQQJk1Ds-vT4G4ZJuI

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE45WkU4RkUtRy1FSzNB&google_push=AXcoOmRIAdpu0Aq24LerN_VCSOEl6G8jb8lub0233wfyF0JLAYA85Hpex34acewySMdUh35PeURzdCZs5mwQQJk1Ds-vT4G4ZJuI
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 402fba8a82f093def2459220061c8d31
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4CB9
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMXbCNcGp3AdRqZxMG43lik&google_cver=1&google_push=AXcoOmT-PrAPMk1-V-jq0JU5zEm1bdRNseJ3NmZ7bPlFd4kdzIu8hRtKKBHvXyRYJ1sX0-n7SBVfQbJMD-Tk...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT-PrAPMk1-V-jq0JU5zEm1bdRNseJ3NmZ7bPlFd4kdzIu8hRtKKBHvXyRYJ1sX0-n7SBVfQbJMD-TkNHjUjHCx_g02481f

170 B
188 B

44ms
43ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT-PrAPMk1-V-jq0JU5zEm1bdRNseJ3NmZ7bPlFd4kdzIu8hRtKKBHvXyRYJ1sX0-n7SBVfQbJMD-TkNHjUjHCx_g02481f

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT-PrAPMk1-V-jq0JU5zEm1bdRNseJ3NmZ7bPlFd4kdzIu8hRtKKBHvXyRYJ1sX0-n7SBVfQbJMD-TkNHjUjHCx_g02481f
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 4CB9
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMXbCNcGp3AdRqZxMG43lik&google_cver=1&google_push=AXcoOmTk78oTyRrOZB89ebcptuOCA1tFTdVnDPH0rT5MAUsgvQ6dIHaRSzpgzEwfIxk-3N0NwUC5X7Xwdav...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTk78oTyRrOZB89ebcptuOCA1tFTdVnDPH0rT5MAUsgvQ6dIHaRSzpgzEwfIxk-3N0NwUC5X7XwdavzionI7sMf9G_0mld_Ow
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

59ms
47ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4CB9 0
12 B 72ms
47ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KHFp6483fjb1eoazz9WndvEb7beyTj4kpFWWvt2TjvpgOjowdw8wmMvaPOJunLQQgeLh32ag

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 711F 0
0 109ms
109ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230928&jk=4176355876507025&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5694 42 B
64 B 96ms
75ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLXk6WGhnSP7L0rryuosBQWyDNK-o_E0JGPebKbqYlID3ps3zrFNzW-vjq8dVAug3UnEiCl52CeDLvVsKnMixEHJPMo0rn3EtSBpxyqH3z62dDUvL7wvrLDB8bEYkRaFs7YtkJAr5hJM2J&sai=AMfl-YQVM86fEWA3pReCUA0d8WVQvBLIaALwm08DTiQsrKXUipYTZXmZjVRjXfFKlwIKE6V9E3FDk2WbDw0ctl5OfHztKE_TkhR1mYo&sig=Cg0ArKJSzEj2V_yRmBDzEAE&cid=CAQSKQDICaaNcOmHgVCzZxiPjzAqgcdllnwTXliZdn81BdUwoAN6Tgfi5i4vGAE&id=lidar2&mcvt=1131&p=0,0,94,728&mtos=0,1131,1131,1131,1131&tos=0,1131,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=1418711512&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696317078927&rpt=6223&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5694 42 B
64 B 137ms
99ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvt9cdA29BeKvDwJsIWHtYUlEf36NI5WKYD5IUkwbrHIcXoPyeOolsadgDJ02GEfldsqyFkd2vP6CF7Q6gmOOk5ibzlCdrERUpR1ruTUNES&sig=Cg0ArKJSzCwEGDenXrfYEAE&id=lidar2&mcvt=1137&p=0,0,90,728&mtos=1137,1137,1137,1137,1137&tos=1137,0,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=2156455326&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696317078927&rpt=6243&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1331 0
25 B 95ms
95ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7221871908294&version=m202309260101&ct=76&x=1&cor=9386516278330325000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FEFF 0
0 90ms
67ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCEez_vKCrAVpCAAQdkemy1zHTqozvtQLHufiewM5Phs8hGpWPGfMZViKHZZ7f_6Sd7Nq8d8QL-5KeYbcczgFvUBfd4u4MdNJ6g-REmso3QeISOGp-gmiPNPTt7Zfmyz4X1erSlpzjjor-Y00cQdReImcxZ9vrc-c82jJ8Sdh-5Z0O1nxBSZrXaXgn-PzUnvoZ1nAGeX07I8tc-abMf64lPDLCxO1SKB2-kj8qOTIkNL7doJaBW6MUMnWitkS8OdrBNwHfy_Onggmj5l4rUbHyvFXaPwXLPFe4yfMkmgOWgAvqbxVFCi3TuFdKNCUkHZEoi16YxrCcz13pgLdn_M8BxJRytTRMot1l6akP0JYJsG4&sai=AMfl-YTgPQrXP82hK8W8QWU5ksqYCOtGHHnMlKdfUlJ21JsPohN68N3ErzASB4R3XEryVfKkYzf2H5XcZtWPhPM&sig=Cg0ArKJSzD1BtdnE6tM-EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Oct 2023 07:11:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FEFF 16 KB
12 KB 153ms
131ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230928&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9003acbcaa3049be6dc5e33c2f5aca39aa459cfa7d0d877a377788f95c83964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12077
x-xss-protection: 0

GET
H3 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame B790 37 KB
14 KB 54ms
51ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 12:48:27 GMT

GET
H3 200 tZc45-E4rPmsTxSD8tqiP9qdwFVCDW9qF0wqNHSbEF8.js Show response
pagead2.googlesyndication.com/bg/ Frame 85D8 37 KB
14 KB 59ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZc45-E4rPmsTxSD8tqiP9qdwFVCDW9qF0wqNHSbEF8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59738e7e138acf9ac4f1483f2daa23fda9dc055420d6f6a174c2a34749b105f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 02:41:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 361821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14639
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Sep 2024 02:41:05 GMT

GET
H3 200 tZc45-E4rPmsTxSD8tqiP9qdwFVCDW9qF0wqNHSbEF8.js Show response
pagead2.googlesyndication.com/bg/ Frame E2D0 37 KB
14 KB 45ms
36ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZc45-E4rPmsTxSD8tqiP9qdwFVCDW9qF0wqNHSbEF8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59738e7e138acf9ac4f1483f2daa23fda9dc055420d6f6a174c2a34749b105f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 02:41:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 361821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14639
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Sep 2024 02:41:05 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5940 0
0 88ms
79ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNz7qWY3pnSKcV5MHmNgMoKAK_uZq2qNrZHmjeMejsr-LrknJtl01y9MbMsw-2RQdHVdBwaOaVMeNL6AujJiGd_fsxY03AYtEtGeti1l3epDISbl8UczIb25jsQIm9TJoU4MC7gtEteF_aeIIz02JdLgaGfDzqb94V-9UY1sHCxGIw1vZM06f2TBFj92WnNVLjiTdDgQ-OXFAvJvpUxXi4FqsC8g4GzFRaaP2WOU1Mfq0xCNZDJ-Z6422l50U5mFBhREc08RZF0R2XJuTnCUnWgXtsxEb9a9M9jTP7FDMoxtKFL8w1_5e27MSUgEyx9n4oLSR-rSrj8CDcvT2LkN8L1QlJ6y4Dj-7biSYaqVfdgho&sai=AMfl-YRp9FXotvqUIwDFNOfN0H2tgqN8hIXoer--2sJA0yIPelBVpxdLv_VSSpFtK-WjlmPChCPpxQCsqA0jf04&sig=Cg0ArKJSzH1twgU6zMOrEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Oct 2023 07:11:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5940 16 KB
12 KB 117ms
109ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230928&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f661849496e98f4e46eb4c31ff4bcbd3871ca1cf4b800fa371a7244c293c830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12274
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A1D7 0
25 B 73ms
73ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmfYkl74bZbLiN53G7_UPiJa70A0AAAAAOAHgBAI&bg=!FhWlFVrNAAZN1Q_XbdU7ADQBe5WfONK2d8RFoYGxzPnlML6v2ZYLT1M6Rd_lqIGU-Ya6K8AEyDdfOtYGMd7FM-yZhI2XAgAAC6FSAAAAC2gBBwoAMvjqqcX1Gncqs-2XxApp9Wz6xqCbO8dpWSjT9V48EOXgX22rkUViUq9C-1SxaykO9COUmQNUD2iMmozLjnRyZgZzI8L2r8mpen4lgRFP5bZD1kJDfYHYG8fnAThiCdoTxzNWnr3G_M_qIDdB2Eo1oGQqpn6BuTy7dqlHEZPuWrefKVIwGRIDuR1ISpXJahTU-KZngYBj_eqvgPMl_TzOyz9Zez9xoiN3EQIpbu9qEi5Q9URCHTxD-KXM7OHQv0cQAA2aH8vTRlMMsqJWcF57Ad8F6aeK3othOQdmhgNmlPBgp1tbS26_fAtezp4MI3mfo6jLla5AOx4HtwsSDHjYUU0L6w8FO0TwDrg4l0VfEqTF6pcUkHbjx6TUXXRl8ahJb1jvPBj-pztGeBPp5tdSxVUECzcsbPzVZ4iMqqaQ9ONM5OTUXF936zSfKzA8wpiJlbLjIypIO85K_lwYya4xCU17rh6Ra8dXr92bRH96fclKL_BFe0SA7rC-4_N48tszSW9ScsXyf-yZI6ldqRV6ivTdgNwsBb3ByZC3-AKJC0JFHTOD1lhPmGJbWyflF3w48cFd7022oClZSi10DAOIYRzum8NxWEUogfIKgmx6PQExq0_FardPtTU0lakFSdeQ0xDKRm24euzdpext27eyx8ICfZi6BZQeMsHea8ByHSA6mRWNq9XBjMlEjZtaEe8apbbHOfEbijCL97lzfqwjoMduqCmsTGinHJQwMdj0UHm0jNBmbDIHpddvolH2ANfw-n_CnMHT-XPDczUQ9XsMo3GjQk5NVGVkl_PG07JQo1XmC6OWbpIeD-yOrnj5Mhnliu7m9Goxtk6ba6qfe3zX3qc0m35fIQwAuvCNy-sKc4kFN8UWAYf7xeIDKlOXm9JngE7jFcHUirjdRltGF_upqg_axrfJGRlctrW93tw0rrNzEOzjhI-LdGGFX5NOpuWvb_9sLTvnnaTpMLST2SwXInkHkU0nuf5-p_UBo2VPzGteChivs0mP3vUpa_ZqZIBQDmMLpCC8Wm_j9qJjQ09ygmjkxiqh2PCWQLV0h9cOK4fpfy111aHV_FOFzvibge7XhDbRm9_CSCXuaq2I_g_CJjFEJrhiR78su9o7KjpZat0U8mVkf5hbStRrZCVfZ-QM0Zywr3YHFI148_w8yyL7RfH9jySQktu4Fy0YhY4eSEYv5a-U3EqKmJth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B8B4 0
25 B 71ms
68ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbcWql74bZbDZD4GaywWntLn4AwAAAAA4AeAEAg&bg=!KimlKWbNAAZN1Q_XbdU7ADQBe5WfOMd9sM3ojwBXfqLb3RpxHbzti2uII4upIXyF2wQLUWk-HMbrfLmU03uNJtOTeJs8AgAADGNSAAAACGgBBwoAKOVtRK34OFZoxWkKLk8ls06MHesxHqwJyXvZT3vBxicBWeF8shw_oJOZAyr7aMQIQpJml-Gr_CTBTX-balZleqkHaMTPjCWauTcIfpsg40gpM6w03Sp5TG3GMgxJIXz8Ppw3iPzihU4Wz0lAgt3WtEQL6M-npco3Fzw_02mpu4tECtIlhScXE3TslYBvCzd-_179bov3EbNAhYqqoeHEmVrpu6zFQiwplyjCz1Qr0WrQh4_ur9Pwy6hEpC_vIUGOStGYngimn2zVU-DWnYlpTGst7JS-wm72yfrKMkvk2VByr6cZ1zB3Qeyam2YI4sAWFUOlGaulYGTGgOb5W0Es3EtCsoylL5uMBGau_1yBW1lG5cJs7b_v1xwrozokgh3Z5qouqTqw6z98Wufzs3FdNjOHWWO1p9a0PCGbOhSBkdlWDDGTB1EY67BO5BfQ2xiF-L4ZW8T2tHWyIE43yrK9o4A3CzHOWRAom94_12CRRttCYbYHwm7o4ZsBMlu0Au4IVpcXcveouvIebZ8n5AlL8dTHewK3KkNrpVggeYjq1RW6hNqr6tmJSvJZ-BRs_gGbL4SABNKDexsLQpZpEn3yvFWT8vof1qzvEFZTpXTESfH4SqVfKuAGUv68i6oKkplbobPDdOxA7mPGlNlhxw1GyK9Kt4SLMpBi4ErIvI1WJRR59gHQF9eDM-VnzMutmkHUKANvcAqp3Zsfc6FiLhQMbOKoaOZvVm7cU7sbbPDZ__Yow4859Bk0U50oarpfDkxzbxnIiJVsBhv3eMxzOY2p0jLZY16T9m596lwf8GSEZDImWJbKhi69plduBR326knnI3eudPifQXzuWg93ClRvG7hISoJI8plPrPI10UkrJ4NFBL_BmfQTzdlKSLKaYAJQTzEeC8ptyLweUvlrUmz5GO-3W1UpXfvtxgexRPd_1g1BB-yxcD0LNNNsJYPStPyseG978q8WgXdu2B4Yxo59oKUmL1Quk8LuH46yYRxAipXNHcKtuoMqIM7roNX3HT_oCLiEXX-nZkbF-TZvKlCuSlGsRIdV8UnW92TYoMHn_t3spQZcDcJr9cefc-sCSKCdoZJ7qWBmvsSeKjmP-b3G7An1ALIHbr2siJIZijj_WBWOz3AH1Y0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5940 17 KB
6 KB 459ms
458ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 Oct 2023 07:11:27 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FEFF 17 KB
6 KB 404ms
404ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 03 Oct 2023 07:11:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F15B 0
25 B 69ms
68ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8YjemL4bZfLFFpuKjuwPyLCv8A0AAAAAOAHgBAI&bg=!OjmlOXbNAAZN1Q_XbdU7ADQBe5WfONgT2EsJJYTxe_Dmd2B9J5RSAq5BxgWhmC21tLNJd1GyhKycv39evI4JLVYaML5FAgAACjBSAAAASmgBB5kDNHgCSH9EtsSEZ9a87Mf_-B4GctOsnXzCZVtE_gTVXS601l2cPZjHRDO2Rv48QetA-Jru2cKzVSOpo7syn592zt9pEKjVFFNu4Sq_ji-aRZR8jKU5tT1XtlpjBCVZvdabzPFiCDlDfs1BTZC0PCGE98x-rRd0IDWujMKpPtv6fmf4z5bLnJ6emNgevQcRRazujxTzEfBdRbJjwV-sBFTt0ofsHFM53wvxewLvZdI6pRRSoWpFl7dPjA4qEGfTfb0aZ1boATfEZYELLC95F2g_SM6U9z1onaBxphstys9daz_g5dFGrlpgrICiUqU5NuYXhFknyeMLejT20ltkNQSkpD4cO7dDvr479SmgO-5NhwWw2dL7e58MNVQ8u45EhtFeNeszL2DdN1bmrZTrZ8f89XrAqIVWlKLLN9ykydBqQo5ntsyFUcXc083dlUHWSkwimVl30yV-5m1CEb97VsbJ_4-O7rPeRjnZVBFGh3ZjbfaUF7kNB5vQQdmrNwkWxeuI02NjzetHuwdwkUxwVQyYitmhjRywPvpCDSJ-2DpjFignPz-qD5F9BIA3UG8oraGK0hFCRk7q1BQ5bOErJOBwxVT_9tdzmNwkK1fnP6V717yfBWu3c_5kBD4iwHVlfERwThW8zRaN7lkJIvLeiQsjF7Oiw-acMGr5A0r40unKyLsAL74FK1-10DlMvHW8OKlPidRnBlAim0PfzFo0tpllbp1dmiSQZrTNgSz18Ly-XwnCt8MiNXGKGdWcBNeiKTptqJV5N4h8OTAEPqkS_t-2VneVRNxamSFiChW_f_vIaEfyvJRuDVkRxM5Og6C9HGCKLMUYBMQTM8ww1WsepC3lXfB1M0h5A9FnRPcIUU6eAJEh9XLURa3r6-Q1iaRltwXs9IdtJf7ahU2dZyDQcivIDI5WQEB3zGh_V70eKblWbaSPGeUGKi1AkOHo3PFJF4d-jykPT3KizW3acVcqIvCwzg_tkxk3ulCWVF6sCKFRqoPLGMvkEAMoUBP9nvmzLBt-DttCFcR319YpTJ7qNwEZf6cWCdHfdeV5T3bxLLk0Y-VqIgpvkkKa-v2pv_N-smmexBJEgcc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DBB 0
28 B 67ms
66ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGMxmmL4bZaLyHubC9u8PqMWqqAQAAAAAOAHgBAI&bg=!R0SlRAvNAAZN1Q_XbdU7ADQBe5WfOE4X8yA1VfZ5vOzJpljDqjWauf6oCaVgQ3TpziRhopzoK3dye0QL8B7GkUbCKjZAAgAACZ9SAAAACGgBB5kDOsJqkERyPPeub6hrq8Bq5tVQKyM4fviuYouYUVk2TWfmbT_UuZUV7NV_n_AtkiNas7vnr3WytP_RAUWrh4d108zd4_81bzwurXJKyh9T6X3SYaUWpNdLJ8Rr1WkkW7E1Ieg7lENnMO2St2X4KTINm3rKiBrbv6146zwv871o-nu7ALGBp4jyPHlm8EV7UWFGBSTYEyHDQeAipQmuCqEXhvYeHOGWaiS5NPETbIA3spwz3K1uPk2vVwwChWX1mQ3Q5bUaAPQx60wtaHkxzAbS_1-htkGbW02iGE14TuAsfjYiogoX0X2zqwIMLEODwRSS7xmxdTMdjjEnL1P1WNsMYYB6XVL3rAPCMzLX088KZvSh7dAykiX7JLlncFUJWR4nOn9tSbyPzoHzo1gAmr3lh3RRRXNKfXJCnCLrYph1_0hCUIVQiIHTL4rjV4rmqITKgXuMphAy8CNO24y_nMLjZ0oq-kVkrzsdVXjoaQPvPjYxw2eLKStfWSKqdTx8kmDZsKU85cXVXX4xmsrIAoZwj7l05if6n1PG5-JvCQg0qL-fa6NoU9vTqBLzvKqEBQYn3-Sx91ArLrHb_L7IyySf3YqzornSkqvfLqPLkLQ7wwYLmn-M1-L5l4BVBO5FB_ZjZuebwvWSw8tzg4wso4MtyxlXoRyBZhZgxz89ZLlGCeV2Kt4ehufgy_PrDiArsP55WODjwJfzkEkNnmpxE5J8Ky77anDASxEW7zEZQgIys2MWr7ARcYkV1M4O9_4wxq90RPXI9ER5gw8Lx-icV_4slAh8tfK6PHhFH9gOXbSgUzVvNgFmYcjkWEPUfmo8ejSzito0ppoWU08ACXFLZIcLJeDIOx4jV85g-CmDCXs0lAFkHYwRHi8bgsWkjj-t1FjQ5qVEQleL3HUsO4t5d_8iQbzfL8w4F4Ml_RyUb6CEIv8DLxykhYPjEY05YV2CZDa5PQ38BGb93-85KhFce-lfBy0KGjBNAW5UMFzBFLoevvDmIfc45V-hyMcSVnrn-4fHcNLgNrNY4hRKzPJImEnSxhZq4p1woTK_p6yOYHWuPX0jQDrgt2H7YqgiK5aSSU7WlYDI9WsrwKYQ4DI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6875 0
0 68ms
68ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309280101&jk=3079225621326333&bg=!vL-lv_DNAAYEJRtnJCU7ADQBe5WfONO9MDO4OKqXKBXH5oi-GpLrJwtFMQluKHw7RAQShgLVne6ARPXGTPE-BRJwqp0aAgAAFEBSAAAACmgBB5kDCrn9BEbrwqlEiaNqaSDXBw4TcvTCcRb7fZw8SgAyz3q9ncTEeBAIy8pI6RLcohghc14UCrUupI-YwrIadZ86HPvP6jXkk0z-WpaaYBE_N_-ssx-zWS4qGjgn1s6fKKFl8SjWKApW8pWHtSSDm2TTZBvWC1CvUHq2N4Xz6MJmYIb7zmL05L5GTwtpbmpLnraXevQADfv5OwFF493E30x3Bkdoya3hqEPymvrEHWYLyhrSlbiAN7IxumfyX5OlEypLcm0QfSg4tsTqs5RdoC1rhv2kWPuE8OeVkkwU9SbpKbdEs0fkKF-Xp9o4Cjk7_veOz-nhELZapNgzImdM8pQ-XCTfJ2Y8PW0c_u86lAl136sJ-p9qhstYwBBWwiHyW0gUQeUFCyrb5EG45KYfNJ8ic8MJYBj06q__qSXxFdX7gdJWQafxdaLMT802H-kLt0szdOaB_LFeoGtQq6YKYXRJsyQRhubtHTmKGklyD3xNcOxZfwy0p_RnDdSFiG9kUlPGxU9cPThA1U9w_edcpY8jE84sMQ9RFmU9lpOrym-li_bPv-vZscpI7PeLlur1PydBq7JMthaJtW-PSFgbquWxZUueyhynm4IyhmMFmYdRMMwyai-7OMzmQzGRHwdzqn_Q4CvI9QYKJrQStRrqc27MhSnrqVXKQbjwQHRpJImxm7AZMt-O7kqGI_W9cNTTRcWpU44r5GLnz3mRIfTlKL1FPxvkn3QzGJq4KLvpFtTRk6U6ANsgPEc6lly3wrNOYYXEqC1qWMs4tPWoW68KgF-JJ-oY7Hg0VsqCwI0iq7m3OcnWeNP_vYkJOozaXTpE21CA498wvtobyMXPlfQXkGuDouxy7X6gC4HXp0R3s5SpWeNWQq0i-Vy13r4dKBj9YE25tCivWSfoxB8G16pSSeWm7HIknS3maPh0qc-Fe7_MoS09Ax2Df7ALphnG4XcnpPXRA1a4B9KZh4iT79eDsv-fDU6M6K2fNEiePjdRecZNZMybIHws-NhYqkbHdhq_xGnthZr4dWOWCI3a4Is
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7F65 13 KB
5 KB 74ms
74ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 66181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:48:26 GMT
expires: Tue, 01 Oct 2024 12:48:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C1E6 829 B
559 B 54ms
53ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0c6259d0b7ea1f9a00ea15b0c025f93cea93e8bb26215231a0afdb1e20a2c0b0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TpmM0oPC0pwik1Mqz-bWMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-TpmM0oPC0pwik1Mqz-bWMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:27 GMT
expires: Tue, 03 Oct 2023 07:11:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C0AE 13 KB
5 KB 68ms
61ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 66181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:48:26 GMT
expires: Tue, 01 Oct 2024 12:48:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B572 829 B
560 B 73ms
66ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f0fd49619d3b8eb638a31dd680b40cb0a317431360f125a088d9fe56171bfba8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Qa2Y-OlRGLJ3G3mgRHfaBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Qa2Y-OlRGLJ3G3mgRHfaBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:27 GMT
expires: Tue, 03 Oct 2023 07:11:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DB3 0
28 B 96ms
95ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2073194376497&version=m202309260101&ct=77&x=1&cor=9070606129094731000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C949 13 KB
5 KB 34ms
32ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 66181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:48:26 GMT
expires: Tue, 01 Oct 2024 12:48:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 904F 829 B
561 B 49ms
47ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e21ac7f8f03501b606c9a05b82104f382ec9e89dfcb4513ce4ee481c8403d199

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BZD_-k7N7EO4JwXzdwd4ag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-BZD_-k7N7EO4JwXzdwd4ag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 07:11:27 GMT
expires: Tue, 03 Oct 2023 07:11:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA10 0
28 B 64ms
64ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4786008416245&version=m202309260101&ct=77&x=1&cor=12913962032983513000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5694 0
28 B 63ms
63ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9550697144992&version=m202309260101&ct=77&x=1&cor=4096156551671006700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5940 42 B
64 B 72ms
72ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4m5UizDhSNsdwP8g0vlcEe4EbXRduRZtVNReIFxgOUNtOR8NeKc2vVQr8LW5E3svpmc6SS90gCe603_mwpuKI-EdzzeYylI1ACD-AxkI0SzZJfkd5XVAJISREH1ct&sig=Cg0ArKJSzCpoWkEkwAvCEAE&id=lidar2&mcvt=1132&p=0,0,90,728&mtos=1132,1132,1132,1132,1132&tos=1132,0,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696317077075&rpt=9501&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2176 0
28 B 66ms
65ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BQVr1mL4bZfKlL_XP7_UPudGE2AEAAAAAOAHgBAI&bg=!UVKlUh3NAAZN1Q_XbdU7ADQBe5WfOO2cnT-MykUS_ZUTjTawEfGF7qt0DgxVwsXbPZzTQf3GNfzn2OCAazvNPqaMAjCUAgAADHRSAAAAk2gBBwoAHuRnFZDTm1mVgOK3wT_DDwA-z1RkocHmbu9iaUycwZkDOozyIqb93jCcInSS18Mn_0kgls-5O4R4rFs5ZP1zR5AlrfxNtPoUXvnavkSTFsBgZ-4Vsm-ao2WqSdzjoAWcfEHYusQJt-n6EmLWia4KiwqUDn_aUI9jbPTjavmqUwbpQee4qP7Zs1ModzzVLvAEPHZsPEUyy1dZ-b6X9MY52N04jwsG-WAca5GYOPJCS6a_Krr6GpBnKSCD8IDJKyyJ69TgrvOM8ruTuX0Nir3XqMCGSthDGYh6N3j6NGWkGLNl6Ag94tcrInt_y3UbQEYXo6JgRuQB0pd1r4E5rYGLNzA-ppeKM2jozOsrYmBmMYyxpB136W7AclSdAoO0tAMy7Yxq1A_aAuCn5iXjraT2frzJd2bBY66Ih8ftAtx5VYjljvPpH9iAno1FFr-zEfllcwHveq2SiiB3o-AyqBLQ6ao0qXSplKrKKB5Idbv7I5OzG20plUctR2jZCidWNElZGRxxZK5bSvh5pa3ltMnhzdVthS79NlgpjS4mM_NH8GfN2n5LSkoU-9uqW5FrzyTUq0IozDXXaUS_kx11dKwBbh4HnHo7Hdj4j7gQC8zPsCpigtV1G3VY4k3oIwz1tmPMmD9xDsEPuD8rugV8LoaPm-glTyJIF4otpSxe4qHWbyzPFJ-Gvd15Vj0yJrqGYGd7U-GVFQCYQnViqudeKGNCIIdHnHyFTngz7ZRWVqEVE6SqJFypIVG3KTLCTTbs-Eh96TH440C87Ks_n3scxwZDle-84F7TgnKwjQWp5CHWuyd691go48pixdRfQGfU6lBWyK4S-m_HTtmind2h2fvL-12iRgwioA5ndUOGpDXgeA6lb1-3YmK4ekVPiW2NRBZk8DpfjNovOW5wxluxxagsYDxuO_FmRXfsVT516Zbq_yowPVl-jzfG1fm62lfFRg8n4zlv4-gVnVAmsiZf1GaCm8I9Xsnd6jkEVmPEWKpGu51FzKVOebZuCjFU32eu3PL-cfYj0X0UMom-bduq3RVI-JeC4QbCA5fg-SmEiFJBfolFmdBbpxP4HBvTtIouK8K194n606wwFBqPAkCW1EeHDsXepJMU8ETI51sWYDPD_qmWQVfSA6ZvfAenY_o

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C1E6 0
0 64ms
63ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230928&jk=1194333735167736&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B572 0
0 84ms
83ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230928&jk=272488633389356&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 904F 0
0 84ms
84ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230928&jk=3429906786545753&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F65 37 KB
14 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 12:48:27 GMT

GET
H3 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame C0AE 37 KB
14 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 12:48:27 GMT

GET
H3 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame C949 37 KB
14 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 12:48:27 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B790 0
10 B 33ms
32ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lg0S8Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85D8 0
28 B 67ms
67ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7Sdcm74bZb7kM9CY-gbiwq6IAwAAAAA4AeAEAg&bg=!nZ6lntHNAAZN1Q_XbdU7ADQBe5WfON0oYnbdvTk9KQP5jvmUoIAYp4PBTh0Q3kvh8j8r9r6TyXJ4rsn8Cf6mvQg0fo8xAgAABHRSAAAAemgBBwoAIdWOxHKQaOCiyJvB8mDmicUztbjnfzsv04p8qvyDgBrI3ZkDVW09-0iocLqKpqViY5QaxKDRSYiAN_aEW3l4NqwpXj1B-AHNtaYgZJxD9QUfuUm1AmCsUbqM_OMlEAtMAla1FsJzB_ixtlL1BfhTgeBjwtfaa1kxK50b_jjuqzqxQ1_5YpeFtESm42b9KZnFVy6ijqJ7IiTYtRaNAobj78BdcmLbd450kL5zuIIPns9N0tHbUPWJM9heHssagj_4Eur6K-rTHClYdHr09s9KsCUEs6mjhvwKV1HPhCg_3dzCqwJWccsvsoi3stmL3D3iP_eAIhEJD_wbFCpAce9g7OaLKpf48Z6mIEWIENVI9Dtvfh_ntd3A1CedmDxbV2rGpSBOKG2keGRthfkn8-hPDWQ_KxKhrXKRxRLPB-INIE2uS2tWyiyoGzkmZelPEY6hfF4VnYS4JgP6OsOl8kR1u3OkfxMmHiyMdpMQSv0kAPHvoP7DbhWLYrXZRwnSMy77nIJh9c-XynWRUQc1g4VinWKk6UGN2rvSl9VQEOczpXW-ltl9xOCu2x4qiPL60iZevk9SDmVexaEG7-pyRcIBdfFIkHgrEXQ_gw6SDHyiGyY74BIS07vw6fjPeJjTQHbns5Y64KJnf9tt_ipdUwIAIq8bD-mCizTh7Xz7beuzH4srSa7qxIN3jPWPxeOzCyT1Qc9riYZn-xwuEVaXlG6dSeBjdEfoFNJe9Be_Rj-qRu1io9rtBpBq1yZMLwcuKfqn1fRSf-9yTID4iGomsuYWM6Nj3ayhnpDP3DDu5myv2udsoITOzkVcvl8bYZXafZkMspIafHoJWun_IVWFEGGaGvLl6HZ2uTroZUDkIxaJ2CNHgcsSLO1m7SF7Ai3jJIN6TZ6IUs5A5mAgm84FZysExW6oMGg6XE9kQ_v9Fv61fpgwhgfvY-LZpyR-uozjFp0fIhOnzZZ6jw-o0Lm02gLlu9P4hni7ot46p-6YSj4gMESZUbf6ZtNMp6MYs037X6Vq_6mkOrbX389sHsltckOTsll4cwuQNgP2tIk6ODIMQZqrCrAx3ykfeanLdgfv6V8KaKZ8hoFGxsR6I5IzibwbYCwO_wFdivSBsyZw-TYEBPuIv10pi-HXC3hkZlRKVmQiaHDzbQRZfwMbrX9fvbhbiumzfOtjfMVLo8E

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E2D0 0
28 B 100ms
99ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhDGCm74bZcSrN_KNjuwP1cmJsA8AAAAAOAHgBAI&bg=!HxylHFPNAAZN1Q_XbdU7ADQBe5WfOC2H73WxdCn360PT-BqUNP9E-EHGYmxfLTDFmP7Z1vusom8Eu9gyl3wvPVZJGZG9AgAABLBSAAAA12gBBwoAOd5Sgrofkk8eOC_zvwPvQRcwfzHTpbWfZk6iG_Vl45yy0r-R-RzutYZRiIZJrI9Q9wEPtn6Cl45zxJkDH0n1oyG-EyJzVybFPoF9QEA2wk6-N4YZc90BKEEmyuBqhVs2-p8tFb9Dkeu-beNR-oPmR03-OWSktLptvxVavStSKckJGpv8nRwlcI0f6ROi2ZN6-iW8R8_vVsWAcW64oAtjTfDX_L05JFuBx2Y2Cbu7UXiEZUpR2_BN9DCe86FHHmGmys8wcX98KAzxdanV1Hga5WpwBBDHBSkp5NlNI70Zek3l-mbWRuO3jTODc_qbQ-DRB6ZwgBCt0Yh53QYeudNSV_64CEBNlWCpq0bpdx4TJgZ2jSpmLBzVieCI9CpnRqXIPV8OCklv7pjmHQJga08Px18_fkOYusjnwMEqZbM6HQsUlp-lTeF-z8Y8UdjCg7sJZyfPh4hehDK3tafcLJZXnHAErFWPcPW455BCYdY6pZwV-YxZNxF7lAOe9-s5rEa1ipvL_4Xuk0W6iCvcZ9UGmRIMUk9ENmew1m_2LBIotktrepO4G_vZcaCwjhi4P6iNCWFjFkEWYZ0hLNw0x2stinWfwO9B_MI2jz3o6l1G99cQSFMPk5i6DFyQo567BqZb64QO1ewkLzZhWepW4oG8Jrbi9OtfihpNRzn0qn1IU-ZYm7o2QcQhXNQH8kg0NgtV6WnWCvjfItIUk5BXrpOAeOI1HJc25o29I6pFxFA1qVskBYtYqnqMxPSCMVkjkJbzGwSyel8-QMfbOXzMXozV9JG9y8fAUwPFuAXYy_EdTqm57nkFor_otZoPEV1Mv6xyVCJekCYUmjri6Bi3rIhszV_e3uov8NLdBT2yh7k21rsd-auU8k5zj2PZP5nD0r6vdrB456ECNSHLbygFOKxC6JpczrvbMTV4hmjl5Q7PDA6RP-gsjCosgg6lMY95PZlXmlo8zMmZXcqHznABl62P1VqYjxdcthXB4AxXLOcTz0SQWYrc2GaOEMAb2tTR9uL-rZPh7UNRAmmX446dvszrPecufJtTg6gTuf9PCWuiuOrwAfm_o7oGO9To6uwoIGHEBlnL1x29MGXlURBWVzSU7pZm-JEwPHhcnop1r37ew3MxtGXGpbNXAVO-_5E

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7F65 0
10 B 31ms
31ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?iUql8g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C0AE 0
10 B 30ms
30ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pJR-QQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C949 0
10 B 31ms
30ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Ov6CCg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:11:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8D8E 0
0 67ms
67ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230928&jk=4176355876507025&bg=!zM-lz4DNAAYEJRtnJCU7ADQBe5WfOCp8Zz--O4kf0InciAYkFONSJKpCEx1bLMPQxZ7vY9PVOrYdFw_NdYFSowGlCpkBAgAABmJSAAAACWgBB5kC_LnfuPqPlXswTINKi4TDvEbTQIZysDqRAynnLMnERmXOKtH7486Hf8EzcFiS6DhAOBJmWHqpePLYddu4JUcRhfO8SqUhJUdqHNmqwiaDxqdXRzoeJS2-ovvnGtq1r3kXDCdUS6s-znnYOY8zqjSa2MGyYqvrxMX4HfNsZClk9Hl3YCpGEBbs76rxxOMucSM1vpPmWdj0v4k4Ionc47L1SgbdWZAim6Q8RD8yfuap1uUCBYk7zLtj4Fecqq_Qa8TLn45KEEp7tsifyI-tZP5FalPtvGG3IK-oiHEhE1Fb-MRkVoKwTnV_Lar3wU-fqrpDD2w1GrLL-Dlss2IlXDWBfSkdJpQ3cBtIZGFmv1PuQXQcr8kbGchkudYfINae0p9rgTQtg4ZL4iSsa_a0bbJY4kY3uVe1B56xqKwRCf9Z0bAkhv7dUflLBSrXNdgSj0AtszeGSMSlYni5FEmE4zQDXZszT-3nqsBpNIHfJG1ZWLHGR2aqr7mGwUFAGARxubpKp2qFipopRNQ_14Zm14hoEmOSHFkYw8arDVNETAuRuOet5vCeWCsoIq86I5sITwBfWvbvh2B47s2Hd9_5D220casZzgZ55sWxddxzehuGW9u2G30vIleaSGs1-3GX-LFe_SJwpM7VMLzj4YEF13WpCKD8ZPXcU7ajUjhyypoXwJJAKMC_NvhgAGMSyAPfjmatKc67bqiY5VBwDFw4TdlvXSU7Ti7oBXfg2n8xg78YIqxDTLSDwji3lPPwDeaETkKD-U63f8aQTgdBMXnBG9_dpG9wJ3GQOqajYaA7WvX9qmnpIoWeTschAp8x1fhyX0oe6TxSwosw24I8ZLXxvyfQch0ZoWn4iQQ_SWZo8Zu5sqVagjbUChatsWascB-5PEE5HvT7b5FZlJCqxqhXbi67e3yIqOYne1oyYmXG9ZIhJyFRymKYDiYyC0ZdO_k8p8Ye0XKPCZw2vbQ26msd203CihkHbJLI3xckO6XuhcHck3NHovS3dGgzatPgLnhd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H/1.1 204
No Content event.png
tpsc-ew1.doubleverify.com/ Frame 95AF 0
308 B 118ms
43ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ew1.doubleverify.com/event.png?impid=c3abf68b2882482a815a4970df71c380&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&pltn=1&pltd=82&ee_dp_asmm=1&vdur=263&eoid=15&te_exec=0&msrjs=4784&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=0&tetms=27&msltms=83&vltms=263&sei=289&vetms=472&tuviims=830&tuviems=1565&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ee_dp_tmads=2974&ismms=251&isumms=250&nvr=6&isgmmims=251&isgmv4mims=251&elmtp=6&isbxdms=2900&b0=100&b11=2721&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&lftb=2821&sftb=2821&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1390&isuiabvms=1390&isgmpims=580&isgmv4dpims=1390&ispmxpms=1390&engalms=249&dvp_dpr=1&vstsz=736&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3806&cbust=1696317089509903
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4784.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Pragma: no-cache
Date: Tue, 03 Oct 2023 07:11:29 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-10-02T07:11:29

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9B51 0
0 66ms
66ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230928&jk=1194333735167736&bg=!dHeldzjNAAYEJRtnJCU7ADQBe5WfOAf3Bwu0mCZ0XcYlSBTAxyI1Fyd3J2FRGNBzUXwp7jwbZwfuWTVnrA6CLDHSRe0eAgAAAzdSAAAACWgBB5kDC8ofncTCgujc5K-Foc4ehEVHf10ASA-6IGF2dPXUmj0P_EMsor5p9ivCYLGwyIV-NJ_yttO4cj6LBIm6_OWqLHN9wjIuFSQdb5VejnxCmMaFOArxfYXSCYKyoNHGWvUOoMfYjMkeT_Ola45u2CKGcXEq_3_XmTiY31DTPQTvBlZBtQNcCgJwmDuJ_5-o7ZOd74moIIcOQYDlq9HC2IW0lZYu0PtPlftgfRqFggECEt26vYK-mWzTdh7FizsMz86nz11_B1rLwoQ3U0eqaT8lj87TXh6caL5Q7DlpdKR5NKFxfGw7VpJBKjA_9NDToYHNV_URkvo_s8u7vxsdcvqaU1EKLvEU60hJuof57jLcqPAOpb1eYriL_Y_VwqbBelz-K1nPvm5-bvXJ8vHm06OuPGVhP5mtoDzW9fOvVRq4buGWodamgWN3JU3JAjwALCOqY6LYMsTkolCbnV4Ku1SuAlIDa06PkE_gPA9mS_LYFt8AlHytUwajYTDVGcy-uHVvS64MyB1kSfGvb3hm3frnC9aYDYpQos6V5OaQSaFaNWUrKpzWX1FQqwKeh0Tter6XSGbrl1Z_hYsLYBpa9g5LMIi5mgAtyjt-PGupvVU5_pvb9A8sn_2ZWPwCakdn9jJ69un4-SKE70ooOCuUZk-lp6IG4K8CXoayzh4eH3L0lQ-yPxTY22ui2cqRZo6uCG3BA7t6r8KJTcZI-yt4Uw_esvn-N_5ac8Mv-jWFi7z74AKlt0TV_xOVv0MzDCj4qIwpm0RpToGyvwKJbxWIIjBEFT4c5KAyBOFdrfLKAx9VV_Ql4HfVo6T-DIYY7PSeegyiiWg2VuunT51jw_-ozKZ3r38bbhip0vB8i7OonR0RCJ3YGhk_X9rkfT3Wz5ztWk747Ve9NXO7Lji1RoYUvYcMnuh6kV_NrdTcGL9zOOSv6tOzxXqROEpICKCdAeDv-t0F2AOFuxHlnYIGtOJCWaOeW_YhR5_lqu0wcu-vClYT4k8EgBwkgNrDJEqRZAWzwpbsNjd8fAzffsnEXNEe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5940 0
0 73ms
73ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230928&jk=3429906786545753&bg=!UVKlUh3NAAYEJRtnJCU7ADQBe5WfOM4WjuC6RD-hkyi_Do3oC2fzjvI29NOnI9GA_4-ViEBkZOI_broQA0btINlnr5rpAgAAAo5SAAAADWgBB5kDFnZZwQN4PV6WGjrzdhSEwHoE1DQDEhoR2zKa03dUimRgp1qtjeoXsG7Rz_j2CdxNxudoDVM7mfMJ5pcht671IcNz-3t5wMjRwrpOZSwtHJjtixjXgIJtFLif5XFZeuXJ7d46VhM6YV4Ad0pfuJbpYwhDDaYdYHr6hxMkJLzcJVd2uIgW934pWtm_BTTjxaQcKzfYyW2zfuLWpM-_8i-OU_5Bti_fW-tlad6goD2tz2gayeBldZuPXE2ZrBKQmTGTjpj41fkM2Wzg0HuQDR9I7YbOFOWnSGD_sCpnVSOjx6UwcOdabx7jKwJu2kLWTbO9EuH_Qn1tELzeC-OvPOE9FQkXtdDmAhTFtIcAeoyNsdxXwgjGj4-rPkoMAqyGAFe3cRb6AS60OcOaX24zRso9BlUmkO0Kyk7MxbhFhlZCyz_0p8oFM3agasLqOaOuQKmNOr9COhb6sq7Qul3SsPhmv9sgBN1yRIJIudmDhZuhDkGb2kxYelnlOwDxk31fL2vAOOxU6cs7Abfk2roRg_m9yXn2pNq4-w9ErDMUDLSnwZLNCKeYFoaMbao0StUWRndlDKOus-WGVDtQDzmslZV0vTqId9Biv5ZkNtVahXDkV-_p_yFv5FGq845FZmiEZ0jmRUQRPI67j8hbSxymM9501yrnTcDm3EhKuNVG9F4MBrWH8QVkhTp4kOQdl-EACXbcXNuBOMMX-3JlZF38KafMG8BKqfF-NNmjS1Ht00aUNAUBUg12LtWDKc7owkCthN-IrWk9nxq0WbWrjopGBrlKipWzmb4HVGT9P8Fe6-lDW6mWTVhQ-veLo95_JimmSRq6Rmzq5uEuVcNHZ0ufvu2IplZVWU4ZP7qE4Yc1MH30rR8vqGYkxgurxKfLRM9-qL2yM28D1UJlFxcl5ZqUM1UAAckIog-qgLkMXaO3XaUL-wp1SOnr8uS1eZN6f4Gs75gByZF5csdg4AO7Z7ota_czvx-iosuG3_KAf-MG20tOK5RBiZBYr0M968B59ZTkvhqd7D-ttx1YVPg2gaJ_Uy9nqetQRvswJ7Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FEFF 0
0 76ms
76ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230928&jk=272488633389356&bg=!R0SlRAvNAAYEJRtnJCU7ADQBe5WfOA1L5KHjF5nJizNgI0tR4IKx8BAjh0OE49FNSLhTpLnWybWlTcKurg370Trfy6bTAgAAArFSAAAACmgBB5kDAdfD5LryFPrALAn7cD8YAKOnZMRnGCSdBI7vCX-qPo4MigZa67Bcj_PCFe6DGQeh-1XLlrvRlD9xHNxGm048eZkTVqBdQa6B64S0xkNeIHwJ7jRE913-m_zdp38MT9H3diOaWrc4IQg82j8_CuIoMrXTWPaoNwDfMOAmq4Iux9iLEc5rRQGNMa_y4IkzyaFodGMPDX5hraZ0Ues7MGInVVaPwrUXMlndKzgp3f6IyU-3Lh3eRZb6v7U8c9GTARKPfwD1GGdgKDN-Wk05ldVBwDGuNa_vJrli0zMb8LHWAkFPMP0jvhk0oPVs58Pev8g_yaJs-xxydX3HXGf7T2G_TrPBEqvqEhgS-OCiBLYRAhUchqIHQBUGg6xmzE7JqPmR_Sc9ia9e7o2qZv-b_zJ1kQJfFkzFWZvp5RC0gQKWUuVqqg1mVTcby_VsxdD7j1hj1Z4WQh6qJEf3islOdIZbDAtHnCmMuRAPC1Rme53Pnx7TULcH6VyXosHOB-a3A-gHCManQk22urTO93LsUsTWYHgvORpbq_HIfT3RSGzqvQYUO_-h-GNWIwBy6JLnhdGZzV2hehhK2kdpNbmPNCFi8SBi3jTyEUX_XivcEmr8ugnEnAcAwoq6vBWFE0w91tKCVV573YkBQ1oighA4n3QWMMUaPm4hVH2Cwf9c9UQ9mA1pS3c5-9JyrtOATgI_WcvlRB18AAbhxW_VRU-zj9G6Ekt_q2EwlpPiH6yPosZgacW9REA_fiNvKEkdG0yBKiiOkuDkcSAnVrBOLjyeRxZ4tZQqqEf4r6HvD1N8pjSSJMXbkJRjgirEB96ukFCCi3u_mj1kEXLFz_XZyITx-o05Y18UNyTCPj8RF4A93MrqpGjs3UHt72PguxQFkBj-bE2U7YnG4Dj7zge5E74NOKgEH7S1-L3JGjWwMly4KZdEWFnRC5UayloY3c5fld0amljBkhrmF_nY-pQ4DGErK4VN49Kah-CXPkG5DP22BpcYbPryMXRNtnjvMpNYeEEULZPNmvU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 dc_oe=ChMI8IC-x6nZgQMVAc2yCh0nWg4_EAEYACC46NZb;met=1;&timestamp=1696317093749;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 8756 42 B
401 B 142ms
66ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8IC-x6nZgQMVAc2yCh0nWg4_EAEYACC46NZb;met=1;&timestamp=1696317093749;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIop6KyKnZgQMVZqH9Bx2oogpFEAAYACC5pehPQhMIrv7Gx6nZgQMVTs2yCh0jwQIb;met=1;&timestamp=1696317095246;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 1331 42 B
107 B 68ms
67ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIop6KyKnZgQMVZqH9Bx2oogpFEAAYACC5pehPQhMIrv7Gx6nZgQMVTs2yCh0jwQIb;met=1;&timestamp=1696317095246;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 07:11:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECsKURZz8joKZRiys69GQCk&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEHTTmdKwkuf8ZgeSMjeaXzY&google_cver=1&google_push=AXcoOmTt3hmzXm9N-rYnQmlgOh1o9UGxzpNAJPH3hxwiAFVMfXJJbBOEhzOgapIAGDk7uwPIFSwWCMp-21pd0ogcKEI4NS5tRPYN

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.statcounter.com/	1970-01-21 00:47:57	Name: is_unique Value: sc12916097.1696317075.0
.statcounter.com/	1970-01-21 00:47:57	Name: is_visitor_unique Value: 1696317075338337712
.xgcartoon.com/	1970-01-20 23:57:33	Name: _ga Value: amp-RShIgk_xtzVmnFZBkaFm3g
.doubleclick.net/	1970-01-21 00:33:33	Name: IDE Value: AHWqTUlybkp4Ow3huMS5qHPCcbaELxbKWfF2ZBlvM3cRme1iBd0Mmv38uqt0yFNYCX0
.casalemedia.com/	1970-01-20 23:57:33	Name: CMID Value: ZRu.l5qNbAN-sLWhnTV38QAA
.casalemedia.com/	1970-01-20 17:21:33	Name: CMPS Value: 3171
.casalemedia.com/	1970-01-20 17:21:33	Name: CMPRO Value: 3171
.adnxs.com/	1970-01-20 17:21:33	Name: uuid2 Value: 8460940870556607412
.adnxs.com/	1970-01-20 17:21:33	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVUkE5CM!]tbPl1M>e)ZlrFUfJ+tGXxoe?6piPaWNOVM^dU^Fn4Z-INYqVZsmwBrtL^f3If)y3KL9D3I?+jI^j!E
.openx.net/	1970-01-20 23:57:33	Name: i Value: e5cd7664-f6db-4252-a888-324931e6b891\|1696317080
.teads.tv/	1970-01-20 23:56:06	Name: tt_viewer Value: 79ff8cb6-4733-4a91-b12b-634e73182376
.w55c.net/	1970-01-21 00:43:37	Name: wfivefivec Value: bYtRYsv51QNzyU5
.travelaudience.com/	1970-01-21 00:43:37	Name: _tracker Value: %7B%22UUID%22%3A%22FF6E6B45-3D5B-49A2-34E3-7D535D62B0C2%22%7D
.quantserve.com/	1970-01-20 17:21:33	Name: d Value: ED4BCQGMKoEA
.quantserve.com/	1970-01-21 00:42:11	Name: mc Value: 651bbe98-c08bc-74da8-014d6
.smartadserver.com/	1970-01-21 00:42:11	Name: TestIfCookieP Value: ok
.yahoo.com/	1970-01-20 23:57:54	Name: A3 Value: d=AQABBJi-G2UCEBs4tRxJ7dTyLvi3V2BuhGgFEgEBAQEQHWUlZbti0CMA_eMAAA&S=AQAAAnVE7sr2EQcvZsIasL2m3E0
.turn.com/	1970-01-20 19:31:09	Name: uid Value: 8391481438974881496
.smartadserver.com/	1970-01-21 00:42:11	Name: pid Value: 4407854232638689222
.smartadserver.com/	1970-01-20 23:58:59	Name: csync Value: 76:CAESEOkeYSpdLam-PJyBLk31si0
.pubmatic.com/	1970-01-20 15:13:23	Name: KTPCACOOKIE Value: YES
.w55c.net/	1970-01-20 15:55:09	Name: matchgoogle Value: 5
.analytics.yahoo.com/	1970-01-20 23:57:33	Name: IDSYNC Value: 18yl~2e9j
.pubmatic.com/	1970-01-20 23:57:33	Name: KADUSERCOOKIE Value: AC04E978-893F-4980-A617-C43081E57A64
.tribalfusion.com/	1970-01-20 17:21:33	Name: ANON_ID Value: a1nt6ZaMwTkE6XlypqpMS1FKQYmeH7iV9ZdykL9tPpMgZdtJc4Rko1beZc0EtAuRxbVCRYGeaBKe3emjIS2S8KNaLw5ae2LM
.simpli.fi/	1970-01-20 23:58:59	Name: suid Value: 720EB514B20A488FAC93663AA87B997D
.adfarm1.adition.com/	1970-01-20 17:21:33	Name: UserID1 Value: 7285626390853580945
.redintelligence.net/	1970-01-20 17:21:33	Name: 8lcfmzhxc8d6_uid Value: 7cd1e3d883deeb8a
.ctnsnet.com/	1970-01-20 23:57:33	Name: gid_CAESECbf5S16Eg8-KqIk5UbcRpQ Value: 1
.ctnsnet.com/	1970-01-20 23:57:33	Name: cid_6bbbc58f814e4571993727ee44ad7e69 Value: 1
.3lift.com/	1970-01-20 17:21:33	Name: tluid Value: 147015025533824733880
.smaato.net/	1970-01-20 15:42:11	Name: SCM Value: f4bcecbf15
.smaato.net/	1970-01-20 15:42:11	Name: SCMv Value: f4bcecbf15
.bidswitch.net/	1970-01-20 23:57:33	Name: tuuid Value: 063148ff-632a-4ea7-9061-a54988eacbaf
.bidswitch.net/	1970-01-20 23:57:33	Name: c Value: 1696317085
.lijit.com/	1970-01-20 23:57:33	Name: ljt_reader Value: HbEPsGZHK5tnlEz1Qh-OQTHG
.360yield.com/	1970-01-20 17:21:33	Name: tuuid Value: cd2b6efb-a710-4918-955e-52890ed93868
.360yield.com/	1970-01-20 17:21:33	Name: tuuid_lu Value: 1696317085
.bidswitch.net/	1970-01-20 23:57:33	Name: tuuid_lu Value: 1696317086
.blismedia.com/	1970-01-20 23:57:37	Name: b Value: 651BBE9EFABAB864804CDA79BLIS
.lkqd.net/	1970-01-20 23:57:33	Name: sr109 Value: 1\|f4bcecbf15\|1696317086
.lkqd.net/	1970-01-20 23:57:33	Name: lkqdid Value: av5Lk_TBkok
.lkqd.net/	1970-01-20 23:57:33	Name: lkqdidts Value: 1696317086
.dotomi.com/	1970-01-20 15:11:57	Name: DotomiTest Value: 1630d6f3249917e6

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen Message: The resource https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECsKURZz8joKZRiys69GQCk&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://www.googletagservices.com/dcm/impl_v97.js(Line 91) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v97.js(Line 91) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://www.xgcartoon.com/detail/sishenbleachjuchangban1wurendehuiyijingjiejuchangban_biechudejiyiwurendejiyiriyu-jiubaodairen Message: The resource https://186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

186bf7418c9d6b071d093f1f2ad1cfb8.safeframe.googlesyndication.com
31c1498677561d0f980894636e0f04da.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.travelaudience.com
ajax.googleapis.com
ap.lijit.com
c.statcounter.com
cdn.ampproject.org
cdn.contentspread.net
cdn.doubleverify.com
cm.g.doubleclick.net
cms.quantserve.com
cs.lkqd.net
csync.loopme.me
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900027.redintelligence.net
ib.adnxs.com
image6.pubmatic.com
match.360yield.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pm.w55c.net
r.turn.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static-a.xgcartoon.com
static.adsafeprotected.com
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
tr.blismedia.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.google.com
www.googletagservices.com
www.xgcartoon.com
x.bidswitch.net
csync.loopme.me
sync.search.spotxchange.com
104.102.35.84
104.18.27.193
104.20.218.77
108.128.53.154
13.248.245.213
130.211.44.5
142.250.181.226
142.250.186.130
145.239.2.103
169.150.222.217
172.217.18.6
172.217.23.98
178.250.7.11
178.63.52.121
185.64.190.78
185.86.139.94
185.89.210.101
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
216.52.2.86
2600:1f18:1aca:4281:2367:e0b5:d1fc:5a3e
2600:9000:21f3:5800:8:48e:53c0:93a1
2600:9000:237d:8a00:1b:5138:8a40:93a1
2606:4700:10::ac43:2a0b
2606:4700::6812:18ad
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:830::2001
2a00:1450:4001:830::2004
2a02:26f0:480:9::210:ee0e
2a02:fa8:8806:20::2010
3.33.220.150
3.71.149.231
34.96.105.8
34.98.64.218
35.157.117.145
35.186.193.173
35.190.0.66
35.204.74.118
35.227.252.103
51.89.9.251
52.212.215.149
52.57.217.9
69.173.144.165
69.20.43.192
78.46.111.106
85.114.159.118
0095c5c997bf8ac947b4431bb1ad40dbb1edb9df83d325cb47028a686fcb654c
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03a90b3fc63207809462f0b5f2eca5165963c2493ae933939930006417351596
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0900b25347fe8ed7071bceff0d3e3097c06fa5d2d6d8dfd97ec767080a44df63
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6259d0b7ea1f9a00ea15b0c025f93cea93e8bb26215231a0afdb1e20a2c0b0
0d8200ff44127aaa31192ba26e510d40b8b2fcd94a140fda0e045c856a7c2461
0ffa05b9444837d48f02beade54963bc544ea3b082fe834981b5151de5f743e8
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
141a9b0b0492c8b4e7deb1e0537c69d01a3af169bf0c6e3a70c027856fdcedf4
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18da8c67db156429bae7ab487aeb729bb96857ce6f797b8f34cb33a05be3d436
1aa4a7bb3250246172fb936a76cad3eda063687abf10aeef1780a2fb659a9abc
1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1
22349e69182d6fe2a0fb7f16741ba340e16566faa277403ff680fcc2725ea035
2332e448898c898b9cc2fe9d84d12f531ea60b34f8ef40492a8bb0bb94fed6ff
249d04c36cba15f88db5b78c963c3d8c638e2c35423c5f5feba0b431bfae8859
27aee1d5ef1ac486b91a739d226b34ca1d58beccc1f4e401fc70ad129faad014
27bb3ca1a93c5079b313320cf72c4057818535462f4546c2a83baac6914f3130
289a63329e779d0f0bdf9cd870d5c4f96ef6a5d8ee8ba4fe40ac02a7b9c8e8b1
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31bacb411b0ea4da2bc22fa3031a832365954d52418e00767b991133e228059f
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
351507d281831dc6f09f0490427b5f0314eff8cc0d06af763bda15d43991144e
3716132f8a7913dccedf532c1ab001429403378cb0e00329d1eb675e94c7bae4
375ce5168faa6d90408b9633e21396a96702d510a2770e5ed166ea0d29119eae
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
3959bc82fe3865f2b162aeaeece6732ed5cd49261548f7db0256b4d168b45605
3a883ef0f6f005c02155471fa0ab0c552a45630835641e85684bc6183968dcc1
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4397740b31135a1b35a5223751e2fbd5bcb653b95e05a29a569ef4fae249aa7c
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28
461621c3b324b086d9ccf9defa1a3c0adfe6be6da0a0ffe40ea29151799edb16
464857ce2cd39f577e1aee4380de452b3032f2746c94be5b8d71508e0733ca40
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c4164315e5413c774f97a73429bc31af96c16d4d6629fad069b686506ce09db
4c90cccc691c38fa66173ee2af646798a8d4a4abf07881a034bb4ef995f55e97
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
5461f598a49fc581c376c4a8f9b5e7144c11624e5761735a4cadc5f19f1c9e85
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c
5b542fa63865c7855e651a48910a341dfdd0508ec6f293e1253537b2778e2742
5f661849496e98f4e46eb4c31ff4bcbd3871ca1cf4b800fa371a7244c293c830
616b91fa8689c699973302a45e06d632ec678a897662acc077dbe892490651e4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63094d9ea33b162369614d537c8add4796bf23adf5d24cf5b8a602237e16f568
6588c11e6a39f93dde0979cf6e4a0f41de499f1bdaa259957cc0f1d8e20f105b
662fd23135d942f5ae90d166f3c8febf75bb16c61d0d4790b6df654d63e933da
6653c7243a2cd4f5c0fb5eb1b8887f00909f737da004eeca80fec1663f20639c
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
7a4bdcfef47571b37c2abbe7e91e7ad39795487995525e0da25ce0334e3ab770
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
83cadb577d50435ac2de656b8eeffd29e1a3c828feb95b5a966de8ff69571eb3
85d35d03f78aa3d3c2d1a98903e860084faac588eb5ea65593282c0b55be02f9
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
8e503fe67eef6d53b7297abd5062e4db7a6b381eaa7d4ac4f8c53a9bb08e248c
94c849575fe72d56d0355d4e41ce8eab134584f902f1e6e6e929c6b5c73e0f1b
97765ef819612e7f3fdd6f5b27ad853e12036246bb6da4697a972722cdf1ade9
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
98873d2f2eb3a03e447a29bb3c8f146f455bde0faf5d484f10e873f759531f8d
994d69ad3635f9ab951fac4378f29d66f8a715681ce41b2bbf49ebb132bba012
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b22b527a652c53284f5339711a08c2ef2667565d35c09e38f835593e2fdea9c
9c47084c2145d7331489565f6747ae1af154b70d0d3ab809451f0a76d031680f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3fe2201aeda9050d5a049b03528e35c36bc20298f05b3e5e2a3574c385b683d
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a8141811b27a456809c95cb051c9f1f77d4c44b4f28d8f55a27dddc0e26ea6e6
a85f98d630e3d1b37fddbd2a5520fb89a76332f967b2aacc48d09d87e40740ee
aa1305d7baebcaaca830bdaa875d69c9ffaf511c107d90d6c94d505589d6dc67
ab16337f55ff19b3465fdf46061afab9c2aa40400c04015c93aaff1fea846c42
ac4a2fcf56f3a5815338b809cd7e8b9a80b676bc6ad801f4c9666b3e9c7bdfd4
ae275697129e6156055f9596a6550574d1519840eaf63a39beea543bf7650f26
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27d5c08d1131cab6859b75e31b642f049da02cffeb705334376e5095653aecf
b4ca554e1ccf4f49af7aa357301e875fc590e268863ff9d9325abdb3c8f28d1e
b59738e7e138acf9ac4f1483f2daa23fda9dc055420d6f6a174c2a34749b105f
b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86
b99ee275208ffdee7bbd9fdaade2698a3709c3fd608d82d9670ecdc7e05d132d
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bc08d0bea55ff25879cb217bf5ce65e8e3f18b2276654ddc68574f291929cbff
be05d931ecf3d0b6d2cf97cd76e991e71c9a015ab776ab7af4f46d559ae0607e
bf1a325a0a06b0ef841140d2afa846981bcb44075230923b7b1821ff9c62c64b
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
c014ceee215843eda25f71550ce11ee82308e82aa70ea957ec7c4b64d81f8c0f
c0f3f635d430d10f544dad43158b77bf0cdf578b38f3f2452ad4742dc14cdf23
c15fe3f79599361a950b6f3f4a61b3540761a33b9bcbcf9b422c38487e677886
c1c38c9c0ad13cfe2d9e7eafb46ae69f40fa031efce5570266087babf59a7660
c2f39ebaedd4712d46c42a9bf8e8bab2662d6fd4a4e1dd0f5c0adddb8c25fdda
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382
c67f981af134d9395cf0335f1fe6d9f81892aff25ad011fbdff8d553a5ae5b17
c7bd05b37de5316dc987d84ab162ad2defb0105dd4129ad6f962057998434f5d
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
ca66f41ff8275222ed36c77b50da625de57340bebc63879b3dbd4f01a86a98b4
cc3178a55f75fbd4307d0be5e81562d0edcffe0f72b617589fbb26ecfe354f5b
ce5d2c5db39edc66c10096838a6c9c92a20e3d2b3f1f19a274bbd2848a8f2e07
cefd5bd9a30367cb1a5e8dc7168f1515a31a53786b415865c867c221c74b5ace
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d6f226bf73d309afec0f8136aadcd4c31a5fb38158edc76f2be201529cea88e4
d9003acbcaa3049be6dc5e33c2f5aca39aa459cfa7d0d877a377788f95c83964
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dc526f9cea36c3bb804ff71878fae243dabe9f97e2dac555f54a7b2270190bd6
dcbd4882f0c4557f44d9d7340ab5a08c7b8cdf3dc5cba9996a18c95160acbd5d
dcfeeee4b3b2a0e6a6e86ea0758301b373bca0894710afa06b0c0fe1731d0ddd
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
dee82a159a48478b1cadd64e7fc4b3a2d486a106679f745245aee813585c2bfc
e02add5965a4bf30c9953e964198e8b23b4ccf3e566f2f8e952beae155d8d8d7
e109816b02abcd094210371b33e737bdccaef99e9e01ad00b934f5de0fad5db4
e21ac7f8f03501b606c9a05b82104f382ec9e89dfcb4513ce4ee481c8403d199
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5b7f02b23fdfaa750168663e07aa8da6df9b31692b4e470097c1122b3fe2678
e718308fbcce37e60c21c5418573c39b7810d5e5d375540667ce512c22ef984f
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e9e5dcb9750ef85fa11ac94c20ce74e91cd222ce01cc0e953de8fe0e19214c85
ea94b1961a49ef6ff1d60d88c4104216626cfe9c6bcb8a5f976c42c870f474d6
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb674de5636ad731f83bbd141aaac1337fd1539cf7976b59f7dbf17730c1dac6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fd49619d3b8eb638a31dd680b40cb0a317431360f125a088d9fe56171bfba8
f6b75a84f14d5a9b60b0093d1e0620b079ad511d461554606596f08f0c5d1110
f6da6eaa08cc5b3c12f2c3ff424f1d81610d90bf31d4e4f75ea1d7ddb776f276
fb720cb27bdc3d37015ce900d678af8fb68dcab3fbb6d583fbb7ab11dff45803
fcf32410bff53530e5f09e4f8b9f95bdabe265077098c9488d0a3c819255b6ac

www.xgcartoon.com Open in urlscan Pro 169.150.222.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

331 Requests

86 %HTTPS

37 %IPv6

43 Domains

64 Subdomains

40 IPs

9 Countries

4362 kBTransfer

11234 kBSize

44 Cookies

1 Outgoing links

Redirected requests

331 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Screenshot
Live screenshot

Full Image

331
Requests

86 %
HTTPS

37 %
IPv6

43
Domains

64
Subdomains

40
IPs

9
Countries

4362 kB
Transfer

11234 kB
Size

44
Cookies

331 HTTP transactions
15 data transactions